URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Submission: On February 11 via manual

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 58 HTTP transactions.
The main IP is 192.0.78.24, located in San Francisco, United States and belongs to AUTOMATTIC - Automattic, Inc, US. The main domain is threatreconblog.com.
The TLS certificate was issued by Let's Encrypt Authority X3 on January 27th 2019 with a validity of 3 months.
This is the first time this domain was scanned on urlscan.io!

Domain & IP information

IP Address AS Autonomous System
2 192.0.78.24 2635 (AUTOMATTIC)
1 192.0.78.18 2635 (AUTOMATTIC)
16 192.0.77.32 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
6 192.0.72.22 2635 (AUTOMATTIC)
4 2a04:fa87:fff... 2635 (AUTOMATTIC)
5 192.0.76.3 2635 (AUTOMATTIC)
6 2a00:1450:400... 15169 (GOOGLE)
8 2606:2800:234... 15133 (EDGECAST)
1 2a03:2880:f01... 32934 (FACEBOOK)
6 151.101.120.159 54113 (FASTLY)
1 3 199.16.157.105 13414 (TWITTER)
58 13
Domain
Subdomains
Transfer
21 wp.com
219 KB
11 twitter.com
116 KB
7 wordpress.com
357 KB
6 twimg.com
23 KB
6 gstatic.com
93 KB
4 gravatar.com
11 KB
2 threatreconblog.com
19 KB
1 facebook.com
593 B
1 fonts.googleapis.com
886 B
58 9
Domain Requested by
8 platform.twitter.com s2.wp.com
platform.twitter.com
7 s2.wp.com threatreconblog.com
6 fonts.gstatic.com threatreconblog.com
6 ctiwagon.files.wordpress.com threatreconblog.com
5 pbs.twimg.com threatreconblog.com
4 pixel.wp.com threatreconblog.com
4 s0.wp.com threatreconblog.com
3 syndication.twitter.com 1 redirects threatreconblog.com
3 0.gravatar.com threatreconblog.com
s1.wp.com
3 s1.wp.com threatreconblog.com
2 widgets.wp.com threatreconblog.com
s1.wp.com
2 threatreconblog.com threatreconblog.com
1 cdn.syndication.twimg.com platform.twitter.com
1 graph.facebook.com s1.wp.com
1 stats.wp.com threatreconblog.com
1 1.gravatar.com threatreconblog.com
1 fonts.googleapis.com threatreconblog.com
1 r-login.wordpress.com threatreconblog.com
58 18
Subject / Issuer Validity Valid
tls.automattic.com
Let's Encrypt Authority X3
2019-01-27 -
2019-04-27
3 months
*.wordpress.com
COMODO RSA Domain Validation Secure Server CA
2018-09-06 -
2020-09-05
2 years
*.wp.com
Go Daddy Secure Certificate Authority - G2
2018-04-10 -
2020-05-11
2 years
*.googleapis.com
Google Internet Authority G3
2019-01-23 -
2019-04-17
3 months
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA
2019-01-15 -
2021-01-14
2 years
*.gravatar.com
COMODO RSA Domain Validation Secure Server CA
2018-09-06 -
2020-09-05
2 years
*.google.com
Google Internet Authority G3
2019-01-23 -
2019-04-17
3 months
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2018-11-19 -
2019-11-27
a year
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-01-21 -
2019-04-21
3 months
cdn.syndication.twimg.com
DigiCert SHA2 High Assurance Server CA
2018-08-16 -
2019-08-21
a year
syndication.twitter.com
DigiCert SHA2 High Assurance Server CA
2016-06-29 -
2019-09-16
3 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Web
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • env /^Gravatar$/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
/2017/02/05/kings-and-secrets-not-a-good-combo
64 KB
18 KB
Document
General
Full URL
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
d6db870467c146406663e1dacca4a1af3bbbc6326ee081cdf204049ab90e6f0e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

:method
GET
:authority
threatreconblog.com
:scheme
https
:path
/2017/02/05/kings-and-secrets-not-a-good-combo/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 11 Feb 2019 16:57:09 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=86400
vary
Accept-Encoding Cookie
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
x-pingback
https://threatreconblog.com/xmlrpc.php
link
<https://wp.me/p7pvRG-lF>; rel=shortlink
content-encoding
gzip
x-ac
3.fra _dfw
remote-login.php?action=js&host=threatreconblog.com&id=109515044&t=1549904229&back=https%3A%2F%2Fthreatreconblog.com%2F2017%2F02%2F05%2Fkings-and-secrets-not-a-good-combo%2F
r-login.wordpress.com
0
66 B
Script
General
Full URL
https://r-login.wordpress.com/remote-login.php?action=js&host=threatreconblog.com&id=109515044&t=1549904229&back=https%3A%2F%2Fthreatreconblog.com%2F2017%2F02%2F05%2Fkings-and-secrets-not-a-good-combo%2F
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.18 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 11 Feb 2019 16:57:09 GMT
server
nginx
content-length
0
vary
Cookie
content-type
text/javascript
E4vFy+AMgfqQM=?cssminify=yes
s2.wp.com/_static/??-eJx9kN1uwyAMhV9o1NrURbmZ9ixAvNYtBoTNqrz9nKSrtB/lBtmH82Ef4FZdLFkxK3B3NfUTZYFbjYWdMCWcf3WHKPIE/2OJrihwQa0+Xt3aPeyUY+qTXZsAE4lCSGV1hebbDKJzwgNT3hsQS0PTuXpdHIwTeUzIZtvDuA7f1FKebbvd...
109 KB
37 KB
Stylesheet
General
Full URL
https://s2.wp.com/_static/??-eJx9kN1uwyAMhV9o1NrURbmZ9ixAvNYtBoTNqrz9nKSrtB/lBtmH82Ef4FZdLFkxK3B3NfUTZYFbjYWdMCWcf3WHKPIE/2OJrihwQa0+Xt3aPeyUY+qTXZsAE4lCSGV1hebbDKJzwgNT3hsQS0PTuXpdHIwTeUzIZtvDuA7f1FKebbvdHFvgEGpDEWcnU2enZxu0yxm1rLIlX4P+UDaUIBclo+VR/HlzGwW1B0jlE2PzH3r/IbO+89vz63EYx/E4vFy+AMgfqQM=?cssminify=yes
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5c78deff7f5ebace5c1073b71aaf2e28fe2346f4c7ea5b3fd430ecd6551ad585

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:09 GMT
content-encoding
gzip
last-modified
Mon, 07 Jan 2019 19:14:29 GMT
server
nginx
etag
W/"5c33a515-1b32b"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 05:59:15 GMT
css?family=Playfair+Display%3A400%2C700%2C400italic%7CLato%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=5.1-beta2-44730
fonts.googleapis.com
9 KB
886 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic%7CLato%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=5.1-beta2-44730
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e2aafc9f49e06e222ba5acd0a91077b0ccaa9599e6c3e6bc307335ebde59b789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 11 Feb 2019 16:57:09 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 11 Feb 2019 16:57:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Mon, 11 Feb 2019 16:57:09 GMT
HpbkSOJYMFiS8gVu4JDaktrowhLnGGFedfiWzvnkd8f95uD91t9f6fdwHw==?cssminify=yes
s2.wp.com/_static/??-eJx9jcEKAjEMRH/IGqqCehC/pcZsraRNabIu/r0rXiri3uYx8xiYqkMpRsUgj67yGFNRiFSopbn4E9eouoLOtRtlUqjjBVgehC0MBqkgqD2Z3FRR8o/UHU7pGskUVDAFdp+
31 KB
17 KB
Stylesheet
General
Full URL
https://s2.wp.com/_static/??-eJx9jcEKAjEMRH/IGqqCehC/pcZsraRNabIu/r0rXiri3uYx8xiYqkMpRsUgj67yGFNRiFSopbn4E9eouoLOtRtlUqjjBVgehC0MBqkgqD2Z3FRR8o/UHU7pGskUVDAFdp+/HpbkSOJYMFiS8gVu4JDaktrowhLnGGFedfiWzvnkd8f95uD91t9f6fdwHw==?cssminify=yes
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
39082fac325df025d42b8ef04a4af8ba810e7a2e621298f7bac99f49cbd82569

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:09 GMT
content-encoding
gzip
last-modified
Mon, 12 Jun 2017 15:25:41 GMT
server
nginx
etag
W/"593eb275-7a67"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 06:04:54 GMT
6rTDMhB9aqn+cr8lZ6MWgLVNYV+Slc+jmmQzrFtMTj7QHFQEmu?cssminify=yes
s0.wp.com/_static/??-eJx9i0EKQjEMBS9kDdVfXIlnyS+1jaRJafLx+uJCRBRXbx7MwH2ErOJFHPoWBm+VxACzk8qK8037bLaD3/pQ83BlpAnWcJLU1
54 KB
25 KB
Stylesheet
General
Full URL
https://s0.wp.com/_static/??-eJx9i0EKQjEMBS9kDdVfXIlnyS+1jaRJafLx+uJCRBRXbx7MwH2ErOJFHPoWBm+VxACzk8qK8037bLaD3/pQ83BlpAnWcJLU1/6rTDMhB9aqn+cr8lZ6MWgLVNYV+Slc+jmmQzrFtMTj7QHFQEmu?cssminify=yes
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
db4d5fd4cb9d0adf12e70f3cd0155fd917561844aaed0ff596c18712c989757d

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:09 GMT
content-encoding
gzip
last-modified
Mon, 07 May 2018 17:50:26 GMT
server
nginx
etag
W/"5af091e2-d8d3"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:49 GMT
VvS
s1.wp.com/_static/??-eJyFztEKwjAMBdAfsquTiXsRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFzMsh+LBcQG+rdC+THO5ogG/sLGMIhO4WGkD/YR1ZgXWyKogQiboCVluIZRzBFIFfAWmeuccV9v4Q8Icx/WQBNzt9MBsHnsn6iY9v1h13f7rtteAE4
155 KB
49 KB
Script
General
Full URL
https://s1.wp.com/_static/??-eJyFztEKwjAMBdAfsquTiXsRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFzMsh+LBcQG+rdC+THO5ogG/sLGMIhO4WGkD/YR1ZgXWyKogQiboCVluIZRzBFIFfAWmeuccV9v4Q8Icx/WQBNzt9MBsHnsn6iY9v1h13f7rtteAE4/VvS
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ed51b6e097b80ac9a3f0164d935ac40581c1d54d6f94abb0c319471b3a05bd2b

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:09 GMT
content-encoding
gzip
last-modified
Thu, 16 Feb 2017 21:47:59 GMT
server
nginx
etag
W/"58a61e0f-26d19"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:49 GMT
style.css?m=1530132353h&cssminify=yes
s0.wp.com/wp-content/mu-plugins/highlander-comments
19 KB
3 KB
Stylesheet
General
Full URL
https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1530132353h&cssminify=yes
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
89d01b152beefa0885d7821cea6cc319054d5e272549b004479a6ac81ecafee3

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:09 GMT
content-encoding
gzip
server
nginx
etag
W/"5b33f7b7-5e1f"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:40 GMT
cropped-binary-1332816_1280.jpg
ctiwagon.files.wordpress.com/2016/10
110 KB
111 KB
Image
General
Full URL
https://ctiwagon.files.wordpress.com/2016/10/cropped-binary-1332816_1280.jpg
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
1cc8b847a98eeed52a6ff290262820de6a3c58e95a3b81e61871613b3e12ede0

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 22 np
date
Mon, 11 Feb 2019 16:57:09 GMT
last-modified
Thu, 06 Oct 2016 21:27:11 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
112971
expires
Mon, 11 Mar 2019 16:52:57 GMT
screen-shot-2017-02-04-at-8-35-41-am.png?w=640
ctiwagon.files.wordpress.com/2017/02
88 KB
88 KB
Image
General
Full URL
https://ctiwagon.files.wordpress.com/2017/02/screen-shot-2017-02-04-at-8-35-41-am.png?w=640
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
1dc7db9b1a1c4fdd9c5d480dbaf73a6fdb4514224863fcc38b11d0ede27a79b4

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
MISS ams 22 np
date
Mon, 11 Feb 2019 16:57:10 GMT
last-modified
Sat, 04 Feb 2017 16:36:27 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
90319
expires
Sun, 17 Mar 2019 15:39:39 GMT
screen-shot-2017-02-04-at-8-36-58-am.png?w=320&h=206
ctiwagon.files.wordpress.com/2017/02
16 KB
16 KB
Image
General
Full URL
https://ctiwagon.files.wordpress.com/2017/02/screen-shot-2017-02-04-at-8-36-58-am.png?w=320&h=206
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
8519c2fde48d440aa69d1b85f9fd4929ecd59f314fa5da7f387315ccb5529cc0

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
MISS ams 22 np
date
Mon, 11 Feb 2019 16:57:10 GMT
last-modified
Sat, 04 Feb 2017 16:38:52 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
16738
expires
Mon, 04 Mar 2019 23:38:47 GMT
screen-shot-2017-02-04-at-2-05-13-pm.png?w=640
ctiwagon.files.wordpress.com/2017/02
83 KB
83 KB
Image
General
Full URL
https://ctiwagon.files.wordpress.com/2017/02/screen-shot-2017-02-04-at-2-05-13-pm.png?w=640
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
363f88feefad565ff1c832b6ac0416a4451b61eb23c9498a4405fc6967af6e51

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
MISS ams 22 np
date
Mon, 11 Feb 2019 16:57:10 GMT
last-modified
Sat, 04 Feb 2017 22:06:05 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
84622
expires
Mon, 04 Mar 2019 09:16:21 GMT
screen-shot-2017-02-08-at-9-15-52-am.png?w=636&h=195
ctiwagon.files.wordpress.com/2017/02
25 KB
25 KB
Image
General
Full URL
https://ctiwagon.files.wordpress.com/2017/02/screen-shot-2017-02-08-at-9-15-52-am.png?w=636&h=195
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
ee774a15898e4380bbad747c216705b2783acf431ee0dfdfa7e8c684bcbc6026

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
MISS ams 22 np
date
Mon, 11 Feb 2019 16:57:10 GMT
last-modified
Wed, 08 Feb 2017 22:48:51 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
25153
expires
Wed, 13 Mar 2019 16:41:51 GMT
screen-shot-2017-02-08-at-9-41-07-am.png
ctiwagon.files.wordpress.com/2017/02
34 KB
34 KB
Image
General
Full URL
https://ctiwagon.files.wordpress.com/2017/02/screen-shot-2017-02-08-at-9-41-07-am.png
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
da0fd1d3de6c9d577f2f6d2706653e75614277a9bb837a6692e8715aa2bb728d

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
MISS ams 22 np
date
Mon, 11 Feb 2019 16:57:10 GMT
last-modified
Wed, 08 Feb 2017 22:48:52 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/png
status
200
accept-ranges
bytes
content-length
34461
expires
Tue, 19 Mar 2019 14:47:46 GMT
ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G
1.gravatar.com/avatar
2 KB
2 KB
Image
General
Full URL
https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
cb3e87ff58a5e66937ffb6013c8265ed549658a4ff59c1f8d8ae193f488390a5

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT vie 3
date
Mon, 11 Feb 2019 16:57:10 GMT
last-modified
Sat, 01 Mar 2008 02:44:06 GMT
server
nginx
access-control-allow-origin
*
source-age
9558342
content-type
image/png
status
200
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G>; rel="canonical"
content-length
1792
expires
Mon, 11 Feb 2019 17:02:10 GMT
red-small.png
/i/rss
654 B
796 B
Image
General
Full URL
https://threatreconblog.com/i/rss/red-small.png
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
5f8e21998371f848f3f62f7a549314cb6ed3097dc28e55b8d24d6df2a68c50e2
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

:path
/i/rss/red-small.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
threatreconblog.com
referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
:scheme
https
:method
GET
Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 16:57:10 GMT
x-ac
3.fra _dfw
last-modified
Sat, 31 Dec 2016 05:32:45 GMT
server
nginx
etag
"586742fd-28e"
strict-transport-security
max-age=86400
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
654
expires
Tue, 11 Feb 2020 16:57:10 GMT
gprofiles.js?ver=201907y
0.gravatar.com/js
20 KB
7 KB
Script
General
Full URL
https://0.gravatar.com/js/gprofiles.js?ver=201907y
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 16:57:09 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 15:01:14 GMT
server
nginx
etag
W/"5b7ecc3a-50bc"
content-type
application/x-javascript
status
200
cache-control
max-age=604800
expires
Mon, 18 Feb 2019 16:57:09 GMT
wpgroho.js?m=1380573781h
s1.wp.com/wp-content/mu-plugins/gravatar-hovercards
582 B
388 B
Script
General
Full URL
https://s1.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1380573781h
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
21c557180f1bd074974eb41ae4228b6aa9c41234ab1729d780bc8f05761110bb

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:10 GMT
content-encoding
gzip
server
nginx
etag
W/"57391252-2f0"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:40 GMT
script.js?m=1521806916j
s2.wp.com/_static/??/wp-content/js/jquery/jquery.autoresize.js,/wp-content/mu-plugins/highlander-comments
42 KB
11 KB
Script
General
Full URL
https://s2.wp.com/_static/??/wp-content/js/jquery/jquery.autoresize.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1521806916j
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e006b2e9c836d246df8e779c911d71302fc8c17dcb0320b386c3f2ee3e6e04ae

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:10 GMT
content-encoding
gzip
last-modified
Fri, 23 Mar 2018 12:08:53 GMT
server
nginx
etag
W/"5ab4ee55-a6ba"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:40 GMT
jetpack-carousel.css?m=1524699534h&cssminify=yes
s0.wp.com/wp-content/mu-plugins/carousel
22 KB
4 KB
Stylesheet
General
Full URL
https://s0.wp.com/wp-content/mu-plugins/carousel/jetpack-carousel.css?m=1524699534h&cssminify=yes
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ff3ae511ad442902d07cda794ab776342099fc909a06e630b758bd9a99109b50

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:09 GMT
content-encoding
gzip
server
nginx
etag
W/"5ae111c8-6483"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:40 GMT
tiled-gallery.css?m=1443731146h&cssminify=yes
s2.wp.com/wp-content/mu-plugins/tiled-gallery
1 KB
557 B
Stylesheet
General
Full URL
https://s2.wp.com/wp-content/mu-plugins/tiled-gallery/tiled-gallery.css?m=1443731146h&cssminify=yes
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b156b5d24f65e76cfff6123c837215362fd186996f49ebf793b0297fc37acfc1

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:09 GMT
content-encoding
gzip
server
nginx
etag
W/"58674605-950"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:43 GMT
BrMCSNw=
s2.wp.com/_static/??-eJyVkl1SwzAMhC+E4zKUgT4wHIVxHCVVIv8gyym9PQ6lJaWdTPtkZ61PXm2sd1HZ4AW86D7pBka0EL+qPj3o2ZHLKlLu0CdNOEDSnxkybI1vCHih2AbniqQOUD/RtU47jHAPdCb8B2ULrpTFXGsKI1g27c8o3ozYGcHgbyU6CrWhW6vT...
188 KB
51 KB
Script
General
Full URL
https://s2.wp.com/_static/??-eJyVkl1SwzAMhC+E4zKUgT4wHIVxHCVVIv8gyym9PQ6lJaWdTPtkZ61PXm2sd1HZ4AW86D7pBka0EL+qPj3o2ZHLKlLu0CdNOEDSnxkybI1vCHih2AbniqQOUD/RtU47jHAPdCb8B2ULrpTFXGsKI1g27c8o3ozYGcHgbyU6CrWhW6vTgLE48oNqg81JtXhKDb2l3Jx7Z4i0rxxeuJkN3oNEYwf9URpo2aEIsBJ0UK5ZCsw0pa+qDWtnUmHKThWrzDiZOGl3dhAuXi7inkN2SneCTrtrCaT4N/Rc78sb4v3vUs2rrr0JwyEnoGNG6igsMIIEjeoM0XTP2dfSVAMmB6KeqtXhR7SB3UJ9DElUSwZZp61h9N1xLdC7e3t8Xm82q9Xr+qX/BrMCSNw=
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0390ab2474c1d710f9ebebcec85c71cbb7366c2a44cbe51ce48a4642fdb9c13e

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
MISS ams 32
date
Mon, 11 Feb 2019 16:57:10 GMT
content-encoding
gzip
last-modified
Mon, 11 Feb 2019 16:01:29 GMT
server
nginx
etag
W/"5c619c59-2efc4"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
2.ams _dfw
expires
Tue, 11 Feb 2020 16:57:10 GMT
Adblocked w.js?59
stats.wp.com
13 KB
4 KB
Script
General
Full URL
https://stats.wp.com/w.js?59
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
df2f1b708c0dcd1b45b7924c9ee58a8374301fab275d46ea6b846ebddc0f67df
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 16:57:10 GMT
content-encoding
gzip
server
nginx
etag
W/"5c363707-4dba"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
expires
Thu, 06 Feb 2020 16:12:15 GMT
wp-emoji-release.min.js?m=1532082729h&ver=5.1-beta2-44730
s1.wp.com/wp-includes/js
12 KB
4 KB
Script
General
Full URL
https://s1.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1532082729h&ver=5.1-beta2-44730
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:10 GMT
content-encoding
gzip
server
nginx
etag
W/"5b51ba56-2efa"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
2.ams _dfw
expires
Fri, 07 Feb 2020 17:29:40 GMT
global-print.css?m=1465851035h&cssminify=yes
s2.wp.com/wp-content/mu-plugins/global-print
5 KB
2 KB
Stylesheet
General
Full URL
https://s2.wp.com/wp-content/mu-plugins/global-print/global-print.css?m=1465851035h&cssminify=yes
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7d08e9159f7d2bf0835085cbd1ffb0252b0e11de45ed07db4447f8e63f181dbf

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:10 GMT
content-encoding
gzip
server
nginx
etag
W/"575f1ca1-1f6c"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:44 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v13
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v13/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d1a301f4dd52945b5cf0f0c018af9779de11a70d82c26edb17139756af5a16d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic%7CLato%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=5.1-beta2-44730
Origin
https://threatreconblog.com

Response headers

date
Tue, 22 Jan 2019 18:17:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:20:15 GMT
server
sffe
age
1723152
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16652
x-xss-protection
1; mode=block
expires
Wed, 22 Jan 2020 18:17:58 GMT
nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
fonts.gstatic.com/s/playfairdisplay/v13
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v13/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7281b1ca00d97d58c69337fe4e75a8e780041fe2b89407a03c2e2c5f7f00ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic%7CLato%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=5.1-beta2-44730
Origin
https://threatreconblog.com

Response headers

date
Mon, 21 Jan 2019 15:44:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:20:37 GMT
server
sffe
age
1818747
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
18156
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2020 15:44:43 GMT
nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7yRZrPA.woff2
fonts.gstatic.com/s/playfairdisplay/v13
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v13/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7yRZrPA.woff2
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d96d61e0766027a2675475a6981713e4ccc4fe1dd7f11eb1148fff2d027727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic%7CLato%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=5.1-beta2-44730
Origin
https://threatreconblog.com

Response headers

date
Mon, 04 Feb 2019 18:54:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:20:23 GMT
server
sffe
age
597736
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
17932
x-xss-protection
1; mode=block
expires
Tue, 04 Feb 2020 18:54:54 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic%7CLato%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=5.1-beta2-44730
Origin
https://threatreconblog.com

Response headers

date
Thu, 03 Jan 2019 03:31:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
3417940
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14076
x-xss-protection
1; mode=block
expires
Fri, 03 Jan 2020 03:31:30 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic%7CLato%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=5.1-beta2-44730
Origin
https://threatreconblog.com

Response headers

date
Thu, 20 Dec 2018 10:05:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:58 GMT
server
sffe
age
4603902
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13604
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2019 10:05:28 GMT
data:truncated
data:truncated
18 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
895964971ebdb56ee76d08850bcb4c5a88ec4c65e6a235882304e8ff6767cd7c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://threatreconblog.com

Response headers

Content-Type
application/x-font-woff;charset=utf-8
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic%7CLato%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=5.1-beta2-44730
Origin
https://threatreconblog.com

Response headers

date
Mon, 21 Jan 2019 15:44:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
1818765
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13944
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2020 15:44:25 GMT
button-back.gif
s0.wp.com/wp-content/mu-plugins/highlander-comments/images
1 KB
1 KB
Image
General
Full URL
https://s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35

Request headers

Referer
https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1530132353h&cssminify=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:10 GMT
x-ac
4.5am _dfw
last-modified
Sat, 31 Dec 2016 05:45:43 GMT
server
nginx
etag
"58674607-4d0"
content-type
image/gif
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1232
expires
Tue, 04 Feb 2020 04:32:42 GMT
data:truncated
data:truncated
14 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://threatreconblog.com

Response headers

Content-Type
application/x-font-woff;charset=utf-8
widgets.js
platform.twitter.com
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJyVkl1SwzAMhC+E4zKUgT4wHIVxHCVVIv8gyym9PQ6lJaWdTPtkZ61PXm2sd1HZ4AW86D7pBka0EL+qPj3o2ZHLKlLu0CdNOEDSnxkybI1vCHih2AbniqQOUD/RtU47jHAPdCb8B2ULrpTFXGsKI1g27c8o3ozYGcHgbyU6CrWhW6vTgLE48oNqg81JtXhKDb2l3Jx7Z4i0rxxeuJkN3oNEYwf9URpo2aEIsBJ0UK5ZCsw0pa+qDWtnUmHKThWrzDiZOGl3dhAuXi7inkN2SneCTrtrCaT4N/Rc78sb4v3vUs2rrr0JwyEnoGNG6igsMIIEjeoM0XTP2dfSVAMmB6KeqtXhR7SB3UJ9DElUSwZZp61h9N1xLdC7e3t8Xm82q9Xr+qX/BrMCSNw=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4199) /
Resource Hash
edec3d5d129ff6f29ef5211d16862b9e6390227e6712e5dcf90b46023a19073b

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 16:57:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Feb 2019 23:37:50 GMT
Server
ECS (fcn/4199)
Etag
"bd29d9845873b291d46dd0df9ef27aa6+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=1800
Content-Type
application/javascript; charset=utf-8
Content-Length
27996
wpcom-gray-white.png
s2.wp.com/i/logo
8 KB
8 KB
Image
General
Full URL
https://s2.wp.com/i/logo/wpcom-gray-white.png
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 32
date
Mon, 11 Feb 2019 16:57:10 GMT
x-ac
4.5am _dfw
last-modified
Sat, 31 Dec 2016 05:32:45 GMT
server
nginx
etag
"586742fd-200b"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8203
expires
Tue, 04 Feb 2020 04:32:43 GMT
Adblocked master.html?ver=20180319
widgets.wp.com/likes
0
0
Document
General
Full URL
https://widgets.wp.com/likes/master.html?ver=20180319
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

:method
GET
:authority
widgets.wp.com
:scheme
https
:path
/likes/master.html?ver=20180319
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/

Response headers

status
200
server
nginx
date
Mon, 11 Feb 2019 16:57:10 GMT
content-type
text/html
last-modified
Thu, 03 May 2018 03:31:23 GMT
vary
Accept-Encoding
etag
W/"5aea828b-84e"
content-encoding
gzip
x-ac
4.5am _dfw
x-nc
HIT ams 32
hovercard.min.css?ver=201907y
0.gravatar.com/dist/css
7 KB
2 KB
Stylesheet
General
Full URL
https://0.gravatar.com/dist/css/hovercard.min.css?ver=201907y
Requested by
Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyFztEKwjAMBdAfsquTiXsRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFzMsh+LBcQG+rdC+THO5ogG/sLGMIhO4WGkD/YR1ZgXWyKogQiboCVluIZRzBFIFfAWmeuccV9v4Q8Icx/WQBNzt9MBsHnsn6iY9v1h13f7rtteAE4/VvS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 16:57:11 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 09:46:04 GMT
server
nginx
etag
W/"5ab37b5c-1a2e"
content-type
text/css
status
200
cache-control
max-age=604800
expires
Mon, 18 Feb 2019 16:57:11 GMT
services.min.css?ver=201907y
0.gravatar.com/dist/css
3 KB
550 B
Stylesheet
General
Full URL
https://0.gravatar.com/dist/css/services.min.css?ver=201907y
Requested by
Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyFztEKwjAMBdAfsquTiXsRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFzMsh+LBcQG+rdC+THO5ogG/sLGMIhO4WGkD/YR1ZgXWyKogQiboCVluIZRzBFIFfAWmeuccV9v4Q8Icx/WQBNzt9MBsHnsn6iY9v1h13f7rtteAE4/VvS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 16:57:11 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 09:46:04 GMT
server
nginx
etag
W/"5ab37b5c-a54"
content-type
text/css
status
200
cache-control
max-age=604800
expires
Mon, 18 Feb 2019 16:57:11 GMT
?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fthreatreconblog.com%2F2017%2F02%2F05%2Fkings-and-secrets-not-a-good-combo%2F&_=1549904230028
graph.facebook.com
303 B
593 B
Script
General
Full URL
https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fthreatreconblog.com%2F2017%2F02%2F05%2Fkings-and-secrets-not-a-good-combo%2F&_=1549904230028
Requested by
Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyFztEKwjAMBdAfsquTiXsRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFzMsh+LBcQG+rdC+THO5ogG/sLGMIhO4WGkD/YR1ZgXWyKogQiboCVluIZRzBFIFfAWmeuccV9v4Q8Icx/WQBNzt9MBsHnsn6iY9v1h13f7rtteAE4/VvS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7796cd8b8e91502c5e22a5ae9eb62877b5e07a90183d83a2d4a7e044474eb975
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Mon, 11 Feb 2019 16:57:11 GMT
x-fb-rev
4753627
content-length
150
pragma
no-cache
x-fb-debug
oxI/ZxAo//4wtLwZG84x9DBuOsPLBh0tS2RZN1Az/Xsv4yn7XdsL5ztNkM0b9NnQLH8a/boekpGlbU19w3SDIQ==
x-fb-trace-id
Ek0xygnMNLU
etag
"71117bd95cd52a85e43ca46ffaf8aff62f7ad2d6"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A2F_TJnfolIgCK6zUZelr5s
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.8
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.32552828691200375
pixel.wp.com
50 B
97 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.32552828691200375
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 11 Feb 2019 16:57:11 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
Adblocked g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.007963631663784554
pixel.wp.com
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.007963631663784554
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 11 Feb 2019 16:57:11 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
Adblocked g.gif?blog=109515044&v=wpcom&tz=-5&user_id=0&post=1343&subd=ctiwagon&host=threatreconblog.com&ref=&fcp=1452&rand=0.12775819837565705
pixel.wp.com
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?blog=109515044&v=wpcom&tz=-5&user_id=0&post=1343&subd=ctiwagon&host=threatreconblog.com&ref=&fcp=1452&rand=0.12775819837565705
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 11 Feb 2019 16:57:11 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
Adblocked g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1TaVhzUzFMbjdWNHpwZGhTayxPSUFCMGRVYVNrSFguN3FwSmQ5RGtNX3VQcj1yVzhiflM1THQtLGFdQ2toOXYlVH5XclFjcktRMXhfUFFKZTlQd290eWMtZmU%2FVX5CMm56eGtXTFBbdThHSHVkZT98JVhqUlhqWVBYN...
pixel.wp.com
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1TaVhzUzFMbjdWNHpwZGhTayxPSUFCMGRVYVNrSFguN3FwSmQ5RGtNX3VQcj1yVzhiflM1THQtLGFdQ2toOXYlVH5XclFjcktRMXhfUFFKZTlQd290eWMtZmU%2FVX5CMm56eGtXTFBbdThHSHVkZT98JVhqUlhqWVBYNmY0JX5lbWZLMCtMdltffkNxcVZbUlAxSzlaK1hRWCVtP3Z4ekplWFNqJk1FYUZDL0x4LGk0ZVV3ZmFSbGomRFFkRGZsfmJlRnpjM35QS2Z4Yl0yZUpXNSwwOVdPMWRoNiVlWjVOM1JMTXBwTVFoSEllTm9pYmxMOXEvTHxtR34vMn5NP01aRnVscWZIbmwsVThyfmdkTmcuQWhqalY3LllvTXoyT19SLywrXWs2QUk%3D&v=wpcom-no-pv&rand=0.37224858904411096
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 11 Feb 2019 16:57:11 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
widget_iframe.5b0c4d3ea3997aa2c22eac39be510646.html?origin=https%3A%2F%2Fthreatreconblog.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
platform.twitter.com/widgets
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.5b0c4d3ea3997aa2c22eac39be510646.html?origin=https%3A%2F%2Fthreatreconblog.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A6) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Feb 2019 16:57:11 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Wed, 06 Feb 2019 23:36:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A6)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
grid~moment~timeline~tweet.e6c6c9e1c7f05a1ab5b34fc90a421fbc.js
platform.twitter.com/js
15 KB
5 KB
Script
General
Full URL
https://platform.twitter.com/js/grid~moment~timeline~tweet.e6c6c9e1c7f05a1ab5b34fc90a421fbc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/419A) /
Resource Hash
c593bc7f38a0af012800c9d078d6ad158ebaf21c5db11e1a4b41ac21eea162d8

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 16:57:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Feb 2019 23:36:45 GMT
Server
ECS (fcn/419A)
Etag
"85ec66664d77dad7f3237042434f5719+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
5151
moment~timeline~tweet.50bff1a04f1f37b6a41fa15859518e07.js
platform.twitter.com/js
9 KB
4 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline~tweet.50bff1a04f1f37b6a41fa15859518e07.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4195) /
Resource Hash
1da3db939ce70f4489f44f7466d79bdd91568aedba46ff3d8598b982e215c3a7

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 16:57:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Feb 2019 23:36:46 GMT
Server
ECS (fcn/4195)
Etag
"198d51c94e63ef08344a7234cb425aa1+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
3164
Adblocked timeline.aaa11362f8b0ee98bfaaea3b20412494.js
platform.twitter.com/js
37 KB
11 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.aaa11362f8b0ee98bfaaea3b20412494.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4195) /
Resource Hash
34dd2d02e2078de476cc59a2393a726f4e73eabe678304e08875a9e520ff8eac
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 16:57:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Feb 2019 23:36:46 GMT
Server
ECS (fcn/4195)
Etag
"83efe9ce5e6a6086325808a67470baa5+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
11195
profile?callback=__twttr.callbacks.tl_i0_profile_threat_recon_old&dnt=false&domain=threatreconblog.com&lang=en&screen_name=threat_recon&suppress_response_codes=true&t=1722115&tweet_limit=5&tz=GMT%2...
cdn.syndication.twimg.com/timeline
31 KB
5 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_threat_recon_old&dnt=false&domain=threatreconblog.com&lang=en&screen_name=threat_recon&suppress_response_codes=true&t=1722115&tweet_limit=5&tz=GMT%2B0000&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.159 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
100d7b4aa6f2b2b8994968d98d458f52bc303e1431794db29069f5ef6a4ac285
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS
status
200
content-disposition
attachment; filename=jsonp.jsonp
vary
Accept-Encoding
content-length
4269
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-served-by
cache-cdg20728-CDG
x-response-time
161
last-modified
Mon, 11 Feb 2019 16:57:11 GMT
x-timer
S1549904232.542852,VS0,VE170
date
Mon, 11 Feb 2019 16:57:11 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
via
1.1 varnish
cache-control
must-revalidate, max-age=300
x-connection-hash
5298666bf5b2842071695c22c7adf38d
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Feb 2019 17:02:11 GMT
Adblocked syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1549904231431%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22time...
syndication.twitter.com/i/jot
43 B
123 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1549904231431%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.16.157.105 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 16:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
11
pragma
no-cache
last-modified
Mon, 11 Feb 2019 16:57:11 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
df5a1fa199774e70c179828cf9d9ccf9
x-transaction
002013d100088582
expires
Tue, 31 Mar 1981 05:00:00 GMT
Adblocked index.html?ver=20180319
widgets.wp.com/likes
0
0
Document
General
Full URL
https://widgets.wp.com/likes/index.html?ver=20180319
Requested by
Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyFztEKwjAMBdAfsquTiXsRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFzMsh+LBcQG+rdC+THO5ogG/sLGMIhO4WGkD/YR1ZgXWyKogQiboCVluIZRzBFIFfAWmeuccV9v4Q8Icx/WQBNzt9MBsHnsn6iY9v1h13f7rtteAE4/VvS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

:method
GET
:authority
widgets.wp.com
:scheme
https
:path
/likes/index.html?ver=20180319
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/

Response headers

status
200
server
nginx
date
Mon, 11 Feb 2019 16:57:11 GMT
content-type
text/html
content-length
126
last-modified
Sat, 23 Dec 2017 00:24:47 GMT
etag
"5a3da24f-7e"
x-ac
4.5am _dfw
x-nc
HIT ams 32
accept-ranges
bytes
timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css
55 KB
13 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash
7cbb0e141a91d2c3c30c06148c1a32c2437ea6452f107a4e1fb0c032708a1295

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 16:57:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Feb 2019 23:36:43 GMT
Server
ECS (fcn/41A4)
Etag
"db7cf7a65ee339eb82d0f17892ef631f+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
text/css; charset=utf-8
Content-Length
12542
timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css
55 KB
55 KB
Image
General
Full URL
https://platform.twitter.com/css/timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 16:57:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Feb 2019 23:36:43 GMT
Server
ECS (fcn/41A4)
Etag
"db7cf7a65ee339eb82d0f17892ef631f+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
text/css; charset=utf-8
Content-Length
12542
v499oH59_normal.jpg
pbs.twimg.com/profile_images/816863627705622528
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/816863627705622528/v499oH59_normal.jpg
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.159 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
1a6a361be5e4f031e089d664ccf0698f9b5ab56bb62324eabc35ef0be3aa722a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Thu, 05 Jan 2017 04:25:20 GMT
access-control-allow-origin
*
date
Mon, 11 Feb 2019 16:57:12 GMT
tw-cdn
FT
x-cache
MISS, MISS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
content-length
2187
x-served-by
cache-tw-lon2-cr1-23-TWLON2, cache-cdg20744-CDG
A4mG0U5P_normal.jpg
pbs.twimg.com/profile_images/885169621795565573
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/885169621795565573/A4mG0U5P_normal.jpg
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.159 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
25b438de3e944547e69c6de98e403f46a9aa4fb98e6d1bb34954fd30ebc19b56
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 12 Jul 2017 16:08:58 GMT
access-control-allow-origin
*
date
Mon, 11 Feb 2019 16:57:11 GMT
tw-cdn
FT
x-cache
HIT, HIT
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
content-length
1883
x-served-by
mtc-tw-lon2-2-TWLON2, cache-cdg20744-CDG
DnuEXe4M_normal.jpeg
pbs.twimg.com/profile_images/533001970626621440
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/533001970626621440/DnuEXe4M_normal.jpeg
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.159 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e7eea5490ae4a16d6d01274135f05102f04afdea4b6a5d5667932fa831ce75d1
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Thu, 13 Nov 2014 21:00:27 GMT
access-control-allow-origin
*
date
Mon, 11 Feb 2019 16:57:11 GMT
tw-cdn
FT
x-cache
HIT, MISS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
content-length
1655
x-served-by
mtc-tw-lon2-5-TWLON2, cache-cdg20744-CDG
G1ZAMGxV_normal.jpg
pbs.twimg.com/profile_images/1030261804801249281
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1030261804801249281/G1ZAMGxV_normal.jpg
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.159 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f6d4ce565828a2aa11f5c80e0fc56c165a2630704ca24160dc5c05abaf298e60
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Fri, 17 Aug 2018 01:13:30 GMT
access-control-allow-origin
*
date
Mon, 11 Feb 2019 16:57:11 GMT
tw-cdn
FT
x-cache
HIT, HIT
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
content-length
2187
x-served-by
mtc-tw-lon2-cr1-10-TWLON2, cache-cdg20744-CDG
io4rCEZja6HqDrHF?format=jpg&name=360x360
pbs.twimg.com/ext_tw_video_thumb/845263076991668226/pu/img
10 KB
10 KB
Image
General
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/845263076991668226/pu/img/io4rCEZja6HqDrHF?format=jpg&name=360x360
Requested by
Host: threatreconblog.com
URL: https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.159 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
26b1a512ad826aaa0ea004233add43a61946855dc531b7eb2ab3e4462a686204
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Fri, 24 Mar 2017 13:14:36 GMT
access-control-allow-origin
*
date
Mon, 11 Feb 2019 16:57:12 GMT
tw-cdn
FT
x-cache
MISS, MISS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
content-length
9914
x-served-by
cache-tw-lon2-cr1-25-TWLON2, cache-cdg20744-CDG
data:truncated
data:truncated
707 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
739 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
607 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
Adblocked jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fthreatreconblog.com%2F2017%2F02%2F05%2Fkings-and-secrets-not-a-good-combo%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_partner%22%3A%22jetpack%22%2...
syndication.twitter.com/i
43 B
166 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fthreatreconblog.com%2F2017%2F02%2F05%2Fkings-and-secrets-not-a-good-combo%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_partner%22%3A%22jetpack%22%2C%22widget_site_screen_name%22%3A%22wordpressdotcom%22%2C%22widget_data_source%22%3A%22profile%3Athreat_recon%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1549904232126%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c904644%3A1549479674056%22%2C%22format_version%22%3A%22c904644%3A1549479674056%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22element%22%3A%22notice%22%2C%22section%22%3A%22header%22%2C%22action%22%3A%22seen%22%7D%7D&notice_seen=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.16.157.105 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://threatreconblog.com/2017/02/05/kings-and-secrets-not-a-good-combo/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 16:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
7
pragma
no-cache
last-modified
Mon, 11 Feb 2019 16:57:12 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
df5a1fa199774e70c179828cf9d9ccf9
x-transaction
0074d19500ab1aef
expires
Tue, 31 Mar 1981 05:00:00 GMT
Adblocked jot.html
platform.twitter.com
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0
Document
General
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AD) /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Feb 2019 16:57:12 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Wed, 06 Feb 2019 23:37:50 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41AD)
X-Cache
HIT
Content-Length
80

Redirect headers

status
302 302 Found
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Mon, 11 Feb 2019 16:57:12 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Mon, 11 Feb 2019 16:57:12 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_b
strict-transport-security
max-age=631138519
x-connection-hash
df5a1fa199774e70c179828cf9d9ccf9
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
11
x-transaction
003e63d900cfd30a
x-tsa-request-body-time
0
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 65
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| addLoadEvent object| _wpemojiSettings object| NO_JQUERY object| wpcom_mobile_user_agent_info undefined| $ function| jQuery function| pm object| jQuery112406000140029071586 object| Jetpack function| highlander_expando_javascript object| twemoji object| wp function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 object| Gravatar object| GProfile number| hexcase string| b64pad number| chrsz object| WPGroHo object| HighlanderComments object| WPCOM_sharing_counts object| comment_like_text object| actionbardata object| jetpackCarouselStrings object| sharing_js_options object| wpcom_img_zoomer object| jetpackLikesWidgetQueue object| jetpackLikesWidgetBatch boolean| jetpackLikesMasterReady function| JetpackLikespostMessage function| JetpackLikesBatchHandler function| JetpackLikesMessageListener function| JetpackLikesWidgetQueueHandler function| Swipe object| wpcom object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| WPCOMSharing object| detectZoom object| addComment function| Spinner undefined| windowOpen object| _tkq object| _stq string| mobileStatsQueryString string| new_css boolean| comment_likes_loaded function| st_go function| ex_go function| re_go function| linktracker_init object| __twttrll object| twttr object| __twttr

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://s1.wp.com/_static/??-eJyFztEKwjAMBdAfsquTiXsRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFzMsh+LBcQG+rdC+THO5ogG/sLGMIhO4WGkD/YR1ZgXWyKogQiboCVluIZRzBFIFfAWmeuccV9v4Q8Icx/WQBNzt9MBsHnsn6iY9v1h13f7rtteAE4/VvS, Line 9, Column552
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

0.gravatar.com
1.gravatar.com
cdn.syndication.twimg.com
ctiwagon.files.wordpress.com
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
pbs.twimg.com
pixel.wp.com
platform.twitter.com
r-login.wordpress.com
s0.wp.com
s1.wp.com
s2.wp.com
stats.wp.com
syndication.twitter.com
threatreconblog.com
widgets.wp.com


151.101.120.159
192.0.72.22
192.0.76.3
192.0.77.32
192.0.78.18
192.0.78.24
199.16.157.105
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::200a
2a00:1450:4001:818::2003
2a03:2880:f01c:20e:face:b00c:0:2
2a04:fa87:fffe::c000:4902

0390ab2474c1d710f9ebebcec85c71cbb7366c2a44cbe51ce48a4642fdb9c13e
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35
100d7b4aa6f2b2b8994968d98d458f52bc303e1431794db29069f5ef6a4ac285
1a6a361be5e4f031e089d664ccf0698f9b5ab56bb62324eabc35ef0be3aa722a
1cc8b847a98eeed52a6ff290262820de6a3c58e95a3b81e61871613b3e12ede0
1da3db939ce70f4489f44f7466d79bdd91568aedba46ff3d8598b982e215c3a7
1dc7db9b1a1c4fdd9c5d480dbaf73a6fdb4514224863fcc38b11d0ede27a79b4
21c557180f1bd074974eb41ae4228b6aa9c41234ab1729d780bc8f05761110bb
25b438de3e944547e69c6de98e403f46a9aa4fb98e6d1bb34954fd30ebc19b56
26b1a512ad826aaa0ea004233add43a61946855dc531b7eb2ab3e4462a686204
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
34dd2d02e2078de476cc59a2393a726f4e73eabe678304e08875a9e520ff8eac
363f88feefad565ff1c832b6ac0416a4451b61eb23c9498a4405fc6967af6e51
39082fac325df025d42b8ef04a4af8ba810e7a2e621298f7bac99f49cbd82569
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
5c78deff7f5ebace5c1073b71aaf2e28fe2346f4c7ea5b3fd430ecd6551ad585
5f8e21998371f848f3f62f7a549314cb6ed3097dc28e55b8d24d6df2a68c50e2
7796cd8b8e91502c5e22a5ae9eb62877b5e07a90183d83a2d4a7e044474eb975
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c
7cbb0e141a91d2c3c30c06148c1a32c2437ea6452f107a4e1fb0c032708a1295
7d08e9159f7d2bf0835085cbd1ffb0252b0e11de45ed07db4447f8e63f181dbf
8519c2fde48d440aa69d1b85f9fd4929ecd59f314fa5da7f387315ccb5529cc0
895964971ebdb56ee76d08850bcb4c5a88ec4c65e6a235882304e8ff6767cd7c
89d01b152beefa0885d7821cea6cc319054d5e272549b004479a6ac81ecafee3
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
aa7281b1ca00d97d58c69337fe4e75a8e780041fe2b89407a03c2e2c5f7f00ab
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b156b5d24f65e76cfff6123c837215362fd186996f49ebf793b0297fc37acfc1
b3d96d61e0766027a2675475a6981713e4ccc4fe1dd7f11eb1148fff2d027727
b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05
c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8
c593bc7f38a0af012800c9d078d6ad158ebaf21c5db11e1a4b41ac21eea162d8
cb3e87ff58a5e66937ffb6013c8265ed549658a4ff59c1f8d8ae193f488390a5
d1a301f4dd52945b5cf0f0c018af9779de11a70d82c26edb17139756af5a16d5
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d6db870467c146406663e1dacca4a1af3bbbc6326ee081cdf204049ab90e6f0e
da0fd1d3de6c9d577f2f6d2706653e75614277a9bb837a6692e8715aa2bb728d
db4d5fd4cb9d0adf12e70f3cd0155fd917561844aaed0ff596c18712c989757d
df2f1b708c0dcd1b45b7924c9ee58a8374301fab275d46ea6b846ebddc0f67df
e006b2e9c836d246df8e779c911d71302fc8c17dcb0320b386c3f2ee3e6e04ae
e2aafc9f49e06e222ba5acd0a91077b0ccaa9599e6c3e6bc307335ebde59b789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7eea5490ae4a16d6d01274135f05102f04afdea4b6a5d5667932fa831ce75d1
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ed51b6e097b80ac9a3f0164d935ac40581c1d54d6f94abb0c319471b3a05bd2b
edec3d5d129ff6f29ef5211d16862b9e6390227e6712e5dcf90b46023a19073b
ee774a15898e4380bbad747c216705b2783acf431ee0dfdfa7e8c684bcbc6026
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f6d4ce565828a2aa11f5c80e0fc56c165a2630704ca24160dc5c05abaf298e60
ff3ae511ad442902d07cda794ab776342099fc909a06e630b758bd9a99109b50