www.ihash.eu Open in urlscan Pro
2606:4700:30::681c:1a06 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
Submission: On July 26 via api (July 26th 2019, 1:10:16 pm UTC) from US

Summary HTTP 56 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 56 HTTP transactions. The main IP is 2606:4700:30::681c:1a06, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.ihash.eu.

This is the only time www.ihash.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:30:... 2606:4700:30::681c:1a06	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
13	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
56	11

20 2606:4700:30::681c:1a06 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.ihash.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	ihash.eu www.ihash.eu	136 KB
15	wp.com c0.wp.com i1.wp.com Failed i0.wp.com Failed stats.wp.com s0.wp.com	114 KB
5	gstatic.com fonts.gstatic.com	63 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	googlesyndication.com pagead2.googlesyndication.com	34 KB
1	doubleclick.net stats.g.doubleclick.net	303 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	netdna-ssl.com Failed stacksocial-production-stacksocial.netdna-ssl.com Failed
0	wordpress.com Failed jetpack.wordpress.com Failed
56	10

	Domain	Requested by
20	www.ihash.eu	www.ihash.eu www.google-analytics.com ajax.cloudflare.com
13	c0.wp.com	www.ihash.eu ajax.cloudflare.com
5	fonts.gstatic.com	www.google-analytics.com
2	www.google-analytics.com	www.ihash.eu
1	pagead2.googlesyndication.com	ajax.cloudflare.com
1	s0.wp.com	ajax.cloudflare.com
1	stats.wp.com	ajax.cloudflare.com
1	stats.g.doubleclick.net	www.ihash.eu
1	ajax.cloudflare.com	www.ihash.eu
1	fonts.googleapis.com	www.ihash.eu
0	stacksocial-production-stacksocial.netdna-ssl.com Failed	ajax.cloudflare.com
0	jetpack.wordpress.com Failed	www.ihash.eu
0	i0.wp.com Failed	www.ihash.eu
0	i1.wp.com Failed	www.ihash.eu
56	14

This site contains links to these domains. Also see Links.

Domain
ihash.eu
www.blogger.com
blog.talosintelligence.com
blogs.cisco.com
akismet.com
www.linkev.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
Frame ID: E6F9B2E36C7DDC9239B5C501F6721F9D
Requests: 57 HTTP requests in this frame

Frame: http://jetpack.wordpress.com/jetpack-comment/?blogid=51197186&postid=45607&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=0&avatar_default=blank&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=7.5.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=882986d682df8efc7c1f877096aff5aeb745694f
Frame ID: 3D483217CC6C06097616F9DB179C215D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

56
Requests

34 %
HTTPS

70 %
IPv6

10
Domains

14
Subdomains

11
IPs

3
Countries

389 kB
Transfer

1022 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://ihash.eu/tag/free-apps/
Title: Free Apps

Search URL Search Domain Scan URL

URL: http://ihash.eu/tag/how-to
Title: Other

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/10442669663667294759
Title: Edmund Brumaghin

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/10/old-dog-new-tricks-analysing-new-rtf_15.html
Title: what we’ve seen in the past

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2019/07/sweed-agent-tesla.html
Title: Read More >>

Search URL Search Domain Scan URL

URL: https://blogs.cisco.com/security/talos/sweed-exposing-years-of-agent-tesla-campaigns
Title: Source link

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: https://www.linkev.com/?a_aid=lotr3s5
Title: <img class="aligncenter size-full wp-image-44625" src="https://i2.wp.com/www.ihash.eu/wp-content/uploads/2019/05/expressVPN.gif?resize=300%2C250&ssl=1" alt="" width="300" height="250" data-recalc-dims="1" />

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/ 76 KB
16 KB 333ms
307ms Document
text/html 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: df84fcb454ce8df1aa0a504f76d75f1eb48db2ba84718313b135bb5747057a8e

Request headers

Host: www.ihash.eu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d1a9707dff33b2e1b7971dd68aaffa6c71564146581; expires=Sat, 25-Jul-20 13:09:41 GMT; path=/; domain=.ihash.eu; HttpOnly
Vary: User-Agent,Accept-Encoding
Last-Modified: Fri, 26 Jul 2019 10:59:32 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Mon, 29 Oct 1923 20:30:00 GMT
CF-Cache-Status: EXPIRED
Server: cloudflare
CF-RAY: 4fc69c051e71d711-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK dgz9y.css
www.ihash.eu/wp-content/cache/wpfc-minified/ma5moh1r/ 33 KB
7 KB 11ms
10ms Stylesheet
text/css 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/cache/wpfc-minified/ma5moh1r/dgz9y.css
Requested by: Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b661b91f9a48767038b0546c9c7dd5088173081654d98cbf7a6789874777f8e

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 Jul 2019 14:20:12 GMT
Server: cloudflare
Age: 56104
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c070c93d711-FRA
Content-Length: 6666
Expires: Sat, 23 Nov 2019 13:09:41 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.2.2/wp-includes/css/dist/block-library/ 29 KB
5 KB 7117ms
13ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2019 12:40:04 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H/1.1 200
OK dgzb4.css
www.ihash.eu/wp-content/cache/wpfc-minified/qve9pxfe/ 32 KB
6 KB 27ms
21ms Stylesheet
text/css 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/cache/wpfc-minified/qve9pxfe/dgzb4.css
Requested by: Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fcaac1ff21b29886b1757efe24bacd73797a7c7c3bfd252d3a879b8e55b42e8

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 Jul 2019 14:20:34 GMT
Server: cloudflare
Age: 415145
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c071c0ddfc7-FRA
Content-Length: 5749
Expires: Sat, 23 Nov 2019 13:09:41 GMT

GET
H2 200 dashicons.min.css
c0.wp.com/c/5.2.2/wp-includes/css/ 46 KB
28 KB 7118ms
14ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.2/wp-includes/css/dashicons.min.css

Requested by

Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Wed, 15 May 2019 19:47:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 7 KB
1 KB 21ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.2.4

Requested by

Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

697b839fbb1bddf8f8c7eeeb47e1f6ad5d431a4a285a66d9b37f37779967fb52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
Origin: http://www.ihash.eu

Response headers

Date: Fri, 26 Jul 2019 13:09:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jul 2019 13:09:41 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Fri, 26 Jul 2019 13:09:41 GMT

GET
H/1.1 200
OK dgz9y.css
www.ihash.eu/wp-content/cache/wpfc-minified/rbkh9al/ 141 KB
42 KB 19ms
13ms Stylesheet
text/css 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/cache/wpfc-minified/rbkh9al/dgz9y.css
Requested by: Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03fdf74fe6b7e30ade525326a5eae897ff4a1e961e6e6aa0bbd94159849981ae

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 Jul 2019 14:20:12 GMT
Server: cloudflare
Age: 56104
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=10368000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4fc69c071a61d6e5-FRA
Expires: Sat, 23 Nov 2019 13:09:41 GMT

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/7.5.3/_inc/social-logos/ 26 KB
18 KB 7117ms
14ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.5.3/_inc/social-logos/social-logos.min.css

Requested by

Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Wed, 27 Jun 2018 01:03:44 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/7.5.3/css/ 70 KB
12 KB 7117ms
14ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.5.3/css/jetpack.css

Requested by

Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ca98f67f4ee42fbc2ddb637f9dbabcc48ac6885bc72f79beccb6ab3285931ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 10:15:39 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H/1.1 200
OK dgz9y.css
www.ihash.eu/wp-content/cache/wpfc-minified/f69z9n9q/ 3 KB
1 KB 20ms
13ms Stylesheet
text/css 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/cache/wpfc-minified/f69z9n9q/dgz9y.css
Requested by: Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a56e24c98341fbdc7587c6f8142d813dc535c0d75e1d8b5e50ebd6ff30a0d16

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 Jul 2019 14:20:12 GMT
Server: cloudflare
Age: 415145
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c071ae5d729-FRA
Content-Length: 1050
Expires: Sat, 23 Nov 2019 13:09:41 GMT

GET ThunderDrive-Cloud-Storage-Lifetime-Subscription-for-59.jpg
i1.wp.com/www.ihash.eu/wp-content/uploads/2019/07/ 0
0

GET Google-Analytics-Certification-Get-Certified-In-2-Days-for-13.jpg
i0.wp.com/www.ihash.eu/wp-content/uploads/2019/07/ 0
0

GET KeepSolid-VPN-Unlimited-Lifetime-Subscription-for-39.jpg
i0.wp.com/www.ihash.eu/wp-content/uploads/2019/07/ 0
0

GET The-Complete-SEO-amp-Digital-Mega-Marketing-Bundle-for-49.jpg
i0.wp.com/www.ihash.eu/wp-content/uploads/2019/07/ 0
0

GET The-Complete-Entrepreneurship-Mastery-Bundle-for-29.jpg
i0.wp.com/www.ihash.eu/wp-content/uploads/2019/07/ 0
0

GET mac-video.jpg
i1.wp.com/www.ihash.eu/wp-content/uploads/2017/08/ 0
0

GET optimus-head-logo1.jpg
i1.wp.com/www.ihash.eu/wp-content/uploads/2015/11/ 0
0

GET pst-mbox-mac-box.png
i1.wp.com/www.ihash.eu/wp-content/uploads/2015/02/ 0
0

GET
H/1.1 200
OK dgz9y.css
www.ihash.eu/wp-content/cache/wpfc-minified/1xxnsz0/ 21 KB
5 KB 25ms
19ms Stylesheet
text/css 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/cache/wpfc-minified/1xxnsz0/dgz9y.css
Requested by: Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59eeaa71deba88027ee9b327c67f38051b720e0d5d6354b1f7c87f1e36a9d18a

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 Jul 2019 14:20:12 GMT
Server: cloudflare
Age: 415145
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c0718586479-FRA
Content-Length: 4513
Expires: Sat, 23 Nov 2019 13:09:41 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
18 KB

18ms
6ms

Script
text/javascript

2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 2521
date: Fri, 26 Jul 2019 12:27:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Fri, 26 Jul 2019 14:27:40 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET /
jetpack.wordpress.com/jetpack-comment/ Frame 3D48 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/ 12 KB
4 KB 23ms
9ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Fri, 26 Jul 2019 13:09:41 GMT
content-encoding: gzip
last-modified: Wed, 24 Jul 2019 16:41:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d388a56-2fb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4fc69c072c66c2ef-FRA
expires: Sun, 28 Jul 2019 13:09:41 GMT

GET
H/1.1 200
OK ihash_logo3-300x100.png
www.ihash.eu/wp-content/uploads/2014/11/ 7 KB
7 KB 12ms
12ms Image
image/png 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ihash.eu/wp-content/uploads/2014/11/ihash_logo3-300x100.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202ed1c38d81f38fdb5445a2705b0d571b5fe42b67cda100c63103ad0d0d0505

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:41 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 07 Sep 2017 05:02:40 GMT
Server: cloudflare
Age: 3644232
Vary: Accept, Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c074c81dfc7-FRA
Content-Length: 6797
Expires: Sat, 23 Nov 2019 13:09:41 GMT

GET
H/1.1 200
OK 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.2.4
Origin: http://www.ihash.eu

Response headers

Date: Tue, 23 Jul 2019 05:45:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:48:04 GMT
Server: sffe
Age: 285834
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13428
X-XSS-Protection: 0
Expires: Wed, 22 Jul 2020 05:45:47 GMT

GET
H/1.1 200
OK close.png
www.ihash.eu/wp-content/plugins/wp-product-review/assets/img/ 280 B
850 B 207ms
207ms Image
image/png 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ihash.eu/wp-content/plugins/wp-product-review/assets/img/close.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Referer: http://www.ihash.eu/wp-content/cache/wpfc-minified/1xxnsz0/dgz9y.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jul 2019 13:09:41 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 21 Jul 2019 12:03:40 GMT
Server: cloudflare
Accept-Ranges: bytes
Vary: Accept, Accept-Encoding
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
X-WebP-Convert-Log: Converting (there were no file at destination), None of the converters in the stack could convert the image., Performing fail action: original
CF-RAY: 4fc69c07587a6479-FRA
Content-Length: 280

GET
H/1.1 200
OK loading.gif
www.ihash.eu/wp-content/plugins/wp-product-review/assets/img/ 8 KB
9 KB 24ms
24ms Image
image/gif 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ihash.eu/wp-content/plugins/wp-product-review/assets/img/loading.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

Referer: http://www.ihash.eu/wp-content/cache/wpfc-minified/1xxnsz0/dgz9y.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:41 GMT
CF-Cache-Status: HIT
Last-Modified: Sun, 21 Jul 2019 12:03:40 GMT
Server: cloudflare
Age: 56103
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c075cb2dfc7-FRA
Content-Length: 8476
Expires: Sat, 23 Nov 2019 13:09:41 GMT

GET
H/1.1 200
OK prev.png
www.ihash.eu/wp-content/plugins/wp-product-review/assets/img/ 1 KB
2 KB 226ms
226ms Image
image/png 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ihash.eu/wp-content/plugins/wp-product-review/assets/img/prev.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Referer: http://www.ihash.eu/wp-content/cache/wpfc-minified/1xxnsz0/dgz9y.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jul 2019 13:09:41 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 21 Jul 2019 12:03:40 GMT
Server: cloudflare
Accept-Ranges: bytes
Vary: Accept, Accept-Encoding
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
X-WebP-Convert-Log: Converting (there were no file at destination), None of the converters in the stack could convert the image., Performing fail action: original
CF-RAY: 4fc69c078d12dfc7-FRA
Content-Length: 1360

GET
H/1.1 200
OK next.png
www.ihash.eu/wp-content/plugins/wp-product-review/assets/img/ 1 KB
2 KB 210ms
210ms Image
image/png 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ihash.eu/wp-content/plugins/wp-product-review/assets/img/next.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Referer: http://www.ihash.eu/wp-content/cache/wpfc-minified/1xxnsz0/dgz9y.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jul 2019 13:09:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 21 Jul 2019 12:03:40 GMT
Server: cloudflare
Accept-Ranges: bytes
Vary: Accept, Accept-Encoding
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
X-WebP-Convert-Log: Converting (there were no file at destination), None of the converters in the stack could convert the image., Performing fail action: original
CF-RAY: 4fc69c0899bb6479-FRA
Content-Length: 1350

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.2.4
Origin: http://www.ihash.eu

Response headers

Date: Wed, 24 Jul 2019 01:28:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Jul 2019 01:18:50 GMT
Server: sffe
Age: 214853
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11016
X-XSS-Protection: 0
Expires: Thu, 23 Jul 2020 01:28:48 GMT

GET
H/1.1 200
OK 1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
14 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.2.4
Origin: http://www.ihash.eu

Response headers

Date: Tue, 23 Jul 2019 06:39:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:47:41 GMT
Server: sffe
Age: 282626
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13564
X-XSS-Protection: 0
Expires: Wed, 22 Jul 2020 06:39:15 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.2.4
Origin: http://www.ihash.eu

Response headers

Date: Wed, 24 Jul 2019 05:22:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Jul 2019 01:18:52 GMT
Server: sffe
Age: 200844
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11180
X-XSS-Protection: 0
Expires: Thu, 23 Jul 2020 05:22:17 GMT

GET
H/1.1 200
OK 1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
14 KB 10ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.2.4
Origin: http://www.ihash.eu

Response headers

Date: Tue, 23 Jul 2019 06:09:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:47:47 GMT
Server: sffe
Age: 284398
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13752
X-XSS-Protection: 0
Expires: Wed, 22 Jul 2020 06:09:43 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
198 B 6ms
6ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j77&a=542403507&t=pageview&_s=1&dl=http%3A%2F%2Fwww.ihash.eu%2F2019%2F07%2Fsweed-exposing-years-of-agent-tesla-campaigns%2F&ul=en-us&de=UTF-8&dt=SWEED%3A%20Exposing%20years%20of%20Agent%20Tesla%20campaigns%20-%20iHash&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgUABC~&jid=575400492&gjid=591801410&cid=1734951679.1564146582&tid=UA-40491499-1&_gid=513212304.1564146582&z=1579966451

Requested by

Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2019 20:48:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3687693
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
303 B 44ms
15ms Image
image/gif 2a00:1450:400c:c00::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-40491499-1&cid=1734951679.1564146582&jid=575400492&gjid=591801410&_gid=513212304.1564146582&_u=YGBAgUABC~&z=349407788

Requested by

Host: www.ihash.eu
URL: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 26 Jul 2019 13:09:41 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e-201930.js Show response
stats.wp.com/ 9 KB
3 KB 1049ms
7ms Script
application/x-javascript 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-201930.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Fri, 26 Jul 2019 13:09:49 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Sat, 04 Apr 2020 17:11:51 GMT

GET
H2 200 sharing.min.js Show response
c0.wp.com/p/jetpack/7.5.3/_inc/build/sharedaddy/ 8 KB
2 KB 9ms
6ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.5.3/_inc/build/sharedaddy/sharing.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

59842a2e19c5471be1eb2fc9c8509b539add5f30e152fa4ca714189cf9afb904

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Wed, 01 May 2019 01:21:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H/1.1 200
OK lightbox.min.js Show response
www.ihash.eu/wp-content/plugins/wp-product-review/assets/js/ 8 KB
3 KB 13ms
11ms Script
application/javascript 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/plugins/wp-product-review/assets/js/lightbox.min.js?ver=3.7.0
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2511f75192a08d5299d3fc9a35706c2f2b26909cda6479bba0f8b03a22cab3d7

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 Jul 2019 12:03:40 GMT
Server: cloudflare
Age: 415151
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c33cf4f6479-FRA
Content-Length: 2342
Expires: Sat, 23 Nov 2019 13:09:48 GMT

GET
H/1.1 200
OK form.js Show response
www.ihash.eu/wp-content/plugins/akismet/_inc/ 700 B
739 B 14ms
12ms Script
application/javascript 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/plugins/akismet/_inc/form.js?ver=4.1.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 17 May 2019 20:21:52 GMT
Server: cloudflare
Age: 4974181
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c33cb5bdfc7-FRA
Content-Length: 318
Expires: Sat, 23 Nov 2019 13:09:48 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.2.2/wp-includes/js/ 1 KB
690 B 10ms
6ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.2/wp-includes/js/wp-embed.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Thu, 30 Aug 2018 12:40:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H2 200 lazy-images.min.js Show response
c0.wp.com/p/jetpack/7.5.3/_inc/build/lazy-images/js/ 9 KB
3 KB 10ms
6ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.5.3/_inc/build/lazy-images/js/lazy-images.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4c2d889ee46270fb2ae51c5ef8804efb7f03b4d5f2ab24a9fdd7a6400f75ea6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 10:15:39 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H/1.1 200
OK jquery.flexslider.js Show response
www.ihash.eu/wp-content/plugins/genesis-responsive-slider/assets/js/ 27 KB
6 KB 13ms
10ms Script
application/javascript 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.0
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee509bb1c57d79983d9b61bc0df4ffba2307f8bcae447efa74c311e2f615dda1

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 22 Apr 2019 10:58:18 GMT
Server: cloudflare
Age: 5022104
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c33caebd6e5-FRA
Content-Length: 5652
Expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H/1.1 200
OK responsive-menus.min.js Show response
www.ihash.eu/wp-content/themes/magazine-pro/js/ 4 KB
2 KB 18ms
15ms Script
application/javascript 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/themes/magazine-pro/js/responsive-menus.min.js?ver=3.2.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 22 Apr 2019 12:06:48 GMT
Server: cloudflare
Age: 56107
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c33c9a8d729-FRA
Content-Length: 1420
Expires: Sat, 23 Nov 2019 13:09:48 GMT

GET
H/1.1 200
OK skip-links.min.js Show response
www.ihash.eu/wp-content/themes/genesis/lib/js/ 386 B
670 B 15ms
13ms Script
application/javascript 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.0.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 26 Jun 2019 21:26:18 GMT
Server: cloudflare
Age: 56107
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c33ccc2d711-FRA
Content-Length: 251
Expires: Sat, 23 Nov 2019 13:09:48 GMT

GET
H/1.1 200
OK superfish.args.min.js Show response
www.ihash.eu/wp-content/themes/genesis/lib/js/menu/ 132 B
551 B 26ms
19ms Script
application/javascript 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.0.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 26 Jun 2019 21:26:18 GMT
Server: cloudflare
Age: 56107
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c33ccb8c2b8-FRA
Content-Length: 132
Expires: Sat, 23 Nov 2019 13:09:48 GMT

GET
H/1.1 200
OK superfish.min.js Show response
www.ihash.eu/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 21ms
9ms Script
application/javascript 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 17 May 2019 20:24:42 GMT
Server: cloudflare
Age: 5761624
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c33df5e6479-FRA
Content-Length: 1894
Expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H2 200 hoverIntent.min.js Show response
c0.wp.com/c/5.2.2/wp-includes/js/ 1 KB
486 B 9ms
6ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.2/wp-includes/js/hoverIntent.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c0df99d896f6b409b47703361145068963f76a08b8d49d4053a9f6d11628f9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Wed, 11 Mar 2015 17:15:27 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.2.2/wp-includes/js/ 2 KB
1023 B 14ms
11ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.2/wp-includes/js/comment-reply.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Tue, 05 Mar 2019 01:52:51 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 1063ms
12ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201930
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 26 Jul 2019 13:09:49 GMT
content-encoding: gzip
server: nginx
etag: W/"5841a56f-52b6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 2.ams _dfw
expires: Mon, 20 Jul 2020 03:50:04 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/7.5.3/_inc/build/photon/ 782 B
414 B 14ms
11ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.5.3/_inc/build/photon/photon.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

50deeb5590f52d9e52c82f0aa04d34371b4a89770452e41e68503a9fcd551eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Wed, 01 May 2019 01:21:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET dealOfTheDay.js
stacksocial-production-stacksocial.netdna-ssl.com/assets/ 0
0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 92 KB
34 KB 28ms
21ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

beecf12bd0cf0a7732e4b94cbd5b0b9d3ed6c6a08347470b7ffda5545de2d8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 6448310626073321194
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 34439
X-XSS-Protection: 0
Expires: Fri, 26 Jul 2019 13:09:48 GMT

GET
H/1.1 200
OK dgzb4.js Show response
www.ihash.eu/wp-content/cache/wpfc-minified/kc7r3q93/ 92 KB
21 KB 25ms
12ms Script
application/javascript 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/cache/wpfc-minified/kc7r3q93/dgzb4.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66c335656c1a16a682c03135692127221be54bbfdd505e3dfca441c01fd3b05

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 Jul 2019 14:20:34 GMT
Server: cloudflare
Age: 56107
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c33db98dfc7-FRA
Content-Length: 21246
Expires: Sat, 23 Nov 2019 13:09:48 GMT

GET
H/1.1 200
OK dgz9y.js Show response
www.ihash.eu/wp-content/cache/wpfc-minified/e4og8e07/ 8 KB
3 KB 21ms
9ms Script
application/javascript 2606:4700:30::681c:1a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ihash.eu/wp-content/cache/wpfc-minified/e4og8e07/dgz9y.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:1a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef0406816d379d758a3456acb9b4fd27d928bbbd31ba5ad239178df841fca227

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Fri, 26 Jul 2019 13:09:48 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 Jul 2019 14:20:12 GMT
Server: cloudflare
Age: 56107
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fc69c33db2bd6e5-FRA
Content-Length: 2681
Expires: Sat, 23 Nov 2019 13:09:48 GMT

GET
H2 200 related-posts.min.js Show response
c0.wp.com/p/jetpack/7.5.3/_inc/build/related-posts/ 5 KB
2 KB 13ms
11ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.5.3/_inc/build/related-posts/related-posts.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4537c1e997550fb96592550335bdf1ce1129792e8d26c3797198443396761c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Wed, 01 May 2019 01:21:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.2.2/wp-includes/js/jquery/ 10 KB
4 KB 13ms
11ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
H2 200 jquery.js Show response
c0.wp.com/c/5.2.2/wp-includes/js/jquery/ 95 KB
32 KB 13ms
11ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.2/wp-includes/js/jquery/jquery.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.ihash.eu/2019/07/sweed-exposing-years-of-agent-tesla-campaigns/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 26 Jul 2019 13:09:48 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 17:08:53 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 25 Jul 2020 13:09:48 GMT

GET
DATA 200
OK truncated
/ 18 KB
18 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 895964971ebdb56ee76d08850bcb4c5a88ec4c65e6a235882304e8ff6767cd7c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Origin: http://www.ihash.eu

Response headers

Content-Type: application/font-woff;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i1.wp.com
URL: https://i1.wp.com/www.ihash.eu/wp-content/uploads/2019/07/ThunderDrive-Cloud-Storage-Lifetime-Subscription-for-59.jpg?resize=630%2C420

Domain: i0.wp.com
URL: https://i0.wp.com/www.ihash.eu/wp-content/uploads/2019/07/Google-Analytics-Certification-Get-Certified-In-2-Days-for-13.jpg?resize=630%2C420

Domain: i0.wp.com
URL: https://i0.wp.com/www.ihash.eu/wp-content/uploads/2019/07/KeepSolid-VPN-Unlimited-Lifetime-Subscription-for-39.jpg?resize=630%2C420

Domain: i0.wp.com
URL: https://i0.wp.com/www.ihash.eu/wp-content/uploads/2019/07/The-Complete-SEO-amp-Digital-Mega-Marketing-Bundle-for-49.jpg?resize=630%2C420

Domain: i0.wp.com
URL: https://i0.wp.com/www.ihash.eu/wp-content/uploads/2019/07/The-Complete-Entrepreneurship-Mastery-Bundle-for-29.jpg?resize=630%2C420

Domain: i1.wp.com
URL: https://i1.wp.com/www.ihash.eu/wp-content/uploads/2017/08/mac-video.jpg?fit=50%2C28

Domain: i1.wp.com
URL: https://i1.wp.com/www.ihash.eu/wp-content/uploads/2015/11/optimus-head-logo1.jpg?fit=44%2C50

Domain: i1.wp.com
URL: https://i1.wp.com/www.ihash.eu/wp-content/uploads/2015/02/pst-mbox-mac-box.png?fit=37%2C50

Domain: jetpack.wordpress.com
URL: http://jetpack.wordpress.com/jetpack-comment/?blogid=51197186&postid=45607&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=0&avatar_default=blank&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=7.5.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=882986d682df8efc7c1f877096aff5aeb745694f

Domain: stacksocial-production-stacksocial.netdna-ssl.com
URL: https://stacksocial-production-stacksocial.netdna-ssl.com/assets/dealOfTheDay.js

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
c0.wp.com
fonts.googleapis.com
fonts.gstatic.com
i0.wp.com
i1.wp.com
jetpack.wordpress.com
pagead2.googlesyndication.com
s0.wp.com
stacksocial-production-stacksocial.netdna-ssl.com
stats.g.doubleclick.net
stats.wp.com
www.google-analytics.com
www.ihash.eu
i0.wp.com
i1.wp.com
jetpack.wordpress.com
stacksocial-production-stacksocial.netdna-ssl.com
192.0.76.3
192.0.77.32
192.0.77.37
2606:4700:30::681c:1a06
2606:4700::6813:c597
2a00:1450:4001:814::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:820::200a
2a00:1450:400c:c00::9a
03fdf74fe6b7e30ade525326a5eae897ff4a1e961e6e6aa0bbd94159849981ae
046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fcaac1ff21b29886b1757efe24bacd73797a7c7c3bfd252d3a879b8e55b42e8
202ed1c38d81f38fdb5445a2705b0d571b5fe42b67cda100c63103ad0d0d0505
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
2511f75192a08d5299d3fc9a35706c2f2b26909cda6479bba0f8b03a22cab3d7
2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999
31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695
4537c1e997550fb96592550335bdf1ce1129792e8d26c3797198443396761c31
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4c2d889ee46270fb2ae51c5ef8804efb7f03b4d5f2ab24a9fdd7a6400f75ea6c
50deeb5590f52d9e52c82f0aa04d34371b4a89770452e41e68503a9fcd551eba
59842a2e19c5471be1eb2fc9c8509b539add5f30e152fa4ca714189cf9afb904
59eeaa71deba88027ee9b327c67f38051b720e0d5d6354b1f7c87f1e36a9d18a
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
697b839fbb1bddf8f8c7eeeb47e1f6ad5d431a4a285a66d9b37f37779967fb52
6a56e24c98341fbdc7587c6f8142d813dc535c0d75e1d8b5e50ebd6ff30a0d16
7b661b91f9a48767038b0546c9c7dd5088173081654d98cbf7a6789874777f8e
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
895964971ebdb56ee76d08850bcb4c5a88ec4c65e6a235882304e8ff6767cd7c
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
beecf12bd0cf0a7732e4b94cbd5b0b9d3ed6c6a08347470b7ffda5545de2d8c9
c0df99d896f6b409b47703361145068963f76a08b8d49d4053a9f6d11628f9ef
c66c335656c1a16a682c03135692127221be54bbfdd505e3dfca441c01fd3b05
ca98f67f4ee42fbc2ddb637f9dbabcc48ac6885bc72f79beccb6ab3285931ff1
ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a
df84fcb454ce8df1aa0a504f76d75f1eb48db2ba84718313b135bb5747057a8e
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ee509bb1c57d79983d9b61bc0df4ffba2307f8bcae447efa74c311e2f615dda1
ef0406816d379d758a3456acb9b4fd27d928bbbd31ba5ad239178df841fca227
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

www.ihash.eu Open in urlscan Pro 2606:4700:30::681c:1a06 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

56 Requests

34 %HTTPS

70 %IPv6

10 Domains

14 Subdomains

11 IPs

3 Countries

389 kBTransfer

1022 kBSize

0 Cookies

8 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ihash.eu Open in urlscan Pro
2606:4700:30::681c:1a06 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

34 %
HTTPS

70 %
IPv6

10
Domains

14
Subdomains

11
IPs

3
Countries

389 kB
Transfer

1022 kB
Size

0
Cookies

56 HTTP transactions
2 data transactions