www.fireeye.com
Open in
urlscan Pro
2a02:e980:d::ba
Public Scan
URL:
https://www.fireeye.com/blog/threat-research/2018/07/microsoft-office-vulnerabilities-used-to-distribute-felixroot-backd...
Submission: On August 06 via api from CH
Submission: On August 06 via api from CH
Summary
This website contacted 38 IPs
in 6 countries
across 30 domains to perform 112 HTTP transactions.
The main IP is 2a02:e980:d::ba, located in
Israel and
belongs to INCAPSULA - Incapsula Inc, US.
The main domain is www.fireeye.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 7th 2018. Valid for: 2 years.
This is the only time www.fireeye.com was scanned on urlscan.io!
TLS certificate: Issued by Entrust Certification Authority - L1K on May 7th 2018. Valid for: 2 years.
This is the only time www.fireeye.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 43 | 2a02:e980:d::ba 2a02:e980:d::ba | 19551 (INCAPSULA) (INCAPSULA - Incapsula Inc) | |
| 1 1 | 2.19.35.110 2.19.35.110 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 6 | 104.17.74.206 104.17.74.206 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 2 | 104.111.242.254 104.111.242.254 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 172.217.16.162 172.217.16.162 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:810::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2400:cb00:204... 2400:cb00:2048:1::6810:262f | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 2 3 | 2a00:1450:400... 2a00:1450:400c:c0a::9b | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 3 | 2.18.232.23 2.18.232.23 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 2 3 | 2a00:1450:400... 2a00:1450:4001:81c::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a02:26f0:6c0... 2a02:26f0:6c00:2bf::3adf | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 204.79.197.200 204.79.197.200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 1 | 34.215.33.107 34.215.33.107 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 4 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
| 1 2 | 172.217.22.70 172.217.22.70 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 104.109.87.116 104.109.87.116 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 3 | 2a03:2880:f11... 2a03:2880:f11c:8086:face:b00c:0:50fb | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
| 1 | 2a00:1288:80:... 2a00:1288:80:800::7000 | 203220 (YAHOO-DEB) (YAHOO-DEB) | |
| 1 | 205.185.216.10 205.185.216.10 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
| 1 | 172.217.22.98 172.217.22.98 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 52.222.150.108 52.222.150.108 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 5 | 104.111.228.202 104.111.228.202 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 2 3 | 2a05:f500:10:... 2a05:f500:10:101::b93f:9105 | 14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation) | |
| 1 1 | 2a05:f500:10:... 2a05:f500:10:101::b93f:9101 | 14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation) | |
| 1 | 52.222.150.46 52.222.150.46 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 4 | 35.190.27.37 35.190.27.37 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 2 | 52.31.82.142 52.31.82.142 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 52.222.150.213 52.222.150.213 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 2 | 34.233.77.49 34.233.77.49 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 52.222.150.40 52.222.150.40 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 199.15.215.200 199.15.215.200 | 53580 (MARKETO) (MARKETO - MARKETO) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81c::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 188.125.66.33 188.125.66.33 | 34010 (YAHOO-IRD) (YAHOO-IRD) | |
| 1 | 66.117.29.11 66.117.29.11 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
| 3 | 172.82.228.19 172.82.228.19 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
| 1 6 | 2a00:1450:400... 2a00:1450:4001:81c::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 4 | 2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 4 | 2a00:1450:400... 2a00:1450:4001:810::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2606:2800:234... 2606:2800:234:59:254c:406:2366:268c | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81c::200d | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 1 | 104.244.42.8 104.244.42.8 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
| 112 | 38 |
1
2.19.35.110
(European Union)
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-35-110.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-35-110.deploy.static.akamaitechnologies.com
| cloud.typography.com |
6
104.17.74.206
(San Francisco, United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| www2.fireeye.com |
2
104.111.242.254
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-254.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-254.deploy.static.akamaitechnologies.com
| munchkin.marketo.net |
1
172.217.16.162
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net
| www.googleadservices.com |
1
2400:cb00:2048:1::6810:262f
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| js.maxmind.com |
3
2.18.232.23
(European Union)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com
| assets.adobedtm.com |
2
204.79.197.200
(Redmond, United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
| bat.bing.com |
1
34.215.33.107
(Boardman, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-215-33-107.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-215-33-107.us-west-2.compute.amazonaws.com
| dpm.demdex.net |
4
2a03:2880:f01c:8012:face:b00c:0:3
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| connect.facebook.net | |
| staticxx.facebook.com |
2
172.217.22.70
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f6.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f6.1e100.net
| 8443343.fls.doubleclick.net |
1
104.109.87.116
(Amsterdam, Netherlands)
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-87-116.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-87-116.deploy.static.akamaitechnologies.com
| cdn.tt.omtrdc.net |
3
2a03:2880:f11c:8086:face:b00c:0:50fb
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| www.facebook.com |
1
205.185.216.10
(Phoenix, United States)
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
| servedby.flashtalking.com |
1
172.217.22.98
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f2.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f2.1e100.net
| googleads.g.doubleclick.net |
1
52.222.150.108
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-108.fra53.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-108.fra53.r.cloudfront.net
| tag.demandbase.com |
5
104.111.228.202
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-228-202.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-228-202.deploy.static.akamaitechnologies.com
| s7.addthis.com | |
| m.addthisedge.com |
3
2a05:f500:10:101::b93f:9105
(Ireland)
ASN14413 (LINKEDIN - LinkedIn Corporation, US)
ASN14413 (LINKEDIN - LinkedIn Corporation, US)
| px.ads.linkedin.com |
1
2a05:f500:10:101::b93f:9101
(Ireland)
ASN14413 (LINKEDIN - LinkedIn Corporation, US)
ASN14413 (LINKEDIN - LinkedIn Corporation, US)
| www.linkedin.com |
1
52.222.150.46
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-46.fra53.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-46.fra53.r.cloudfront.net
| api.company-target.com |
4
35.190.27.37
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: 37.27.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE - Google LLC, US)
PTR: 37.27.190.35.bc.googleusercontent.com
| d.company-target.com |
2
52.31.82.142
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-82-142.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-82-142.eu-west-1.compute.amazonaws.com
| match.prod.bidr.io |
1
52.222.150.213
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-213.fra53.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-213.fra53.r.cloudfront.net
| segments.company-target.com |
2
34.233.77.49
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-233-77-49.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-233-77-49.compute-1.amazonaws.com
| id.rlcdn.com |
1
52.222.150.40
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-40.fra53.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-40.fra53.r.cloudfront.net
| segments.company-target.com |
1
199.15.215.200
(San Mateo, United States)
ASN53580 (MARKETO - MARKETO, Inc., US)
ASN53580 (MARKETO - MARKETO, Inc., US)
| 848-did-242.mktoresp.com |
1
188.125.66.33
(Ireland)
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
| sp.analytics.yahoo.com |
1
66.117.29.11
(Lehi, United States)
ASN15224 (OMNITURE - Adobe Systems Inc., US)
ASN15224 (OMNITURE - Adobe Systems Inc., US)
| fireeye.tt.omtrdc.net |
3
172.82.228.19
(Lehi, United States)
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.sc.omtrdc.net
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.sc.omtrdc.net
| fireeye.sc.omtrdc.net |
4
2606:2800:234:46c:e8b:1e2f:2bd:694
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| platform.twitter.com |
1
2606:2800:234:59:254c:406:2366:268c
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| platform.twitter.com |
1
104.244.42.8
(San Francisco, United States)
ASN13414 (TWITTER - Twitter Inc., US)
ASN13414 (TWITTER - Twitter Inc., US)
| syndication.twitter.com |
| Domain | Requested by | |
|---|---|---|
| 43 | www.fireeye.com |
www.fireeye.com
|
| 6 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
www.fireeye.com |
| 6 | www2.fireeye.com |
www.fireeye.com
www2.fireeye.com |
| 5 | platform.twitter.com |
s7.addthis.com
platform.twitter.com |
| 4 | apis.google.com |
s7.addthis.com
apis.google.com |
| 4 | d.company-target.com |
2 redirects
www.fireeye.com
|
| 4 | s7.addthis.com |
www.fireeye.com
s7.addthis.com |
| 3 | fireeye.sc.omtrdc.net |
assets.adobedtm.com
www.fireeye.com |
| 3 | px.ads.linkedin.com |
2 redirects
www.fireeye.com
|
| 3 | www.facebook.com |
www.fireeye.com
www.googletagmanager.com connect.facebook.net |
| 3 | connect.facebook.net |
www.fireeye.com
connect.facebook.net s7.addthis.com |
| 3 | www.google.com |
2 redirects
www.fireeye.com
|
| 3 | assets.adobedtm.com |
www.fireeye.com
assets.adobedtm.com |
| 3 | stats.g.doubleclick.net |
2 redirects
www.fireeye.com
|
| 2 | id.rlcdn.com | 2 redirects |
| 2 | segments.company-target.com |
www.fireeye.com
|
| 2 | match.prod.bidr.io | 2 redirects |
| 2 | 8443343.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
| 2 | bat.bing.com |
www.googletagmanager.com
www.fireeye.com |
| 2 | www.google.de |
www.fireeye.com
|
| 2 | www.googletagmanager.com |
www.fireeye.com
www.googletagmanager.com |
| 2 | munchkin.marketo.net |
www.fireeye.com
munchkin.marketo.net |
| 1 | syndication.twitter.com | 1 redirects |
| 1 | accounts.google.com |
apis.google.com
|
| 1 | staticxx.facebook.com |
connect.facebook.net
|
| 1 | m.addthisedge.com |
s7.addthis.com
|
| 1 | fireeye.tt.omtrdc.net |
assets.adobedtm.com
|
| 1 | sp.analytics.yahoo.com |
s.yimg.com
|
| 1 | www.google.com.ua |
www.fireeye.com
|
| 1 | 848-did-242.mktoresp.com |
munchkin.marketo.net
|
| 1 | api.company-target.com |
tag.demandbase.com
|
| 1 | www.linkedin.com | 1 redirects |
| 1 | tag.demandbase.com |
www.fireeye.com
|
| 1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 1 | servedby.flashtalking.com |
www.fireeye.com
|
| 1 | s.yimg.com |
www.fireeye.com
|
| 1 | cdn.tt.omtrdc.net |
assets.adobedtm.com
|
| 1 | dpm.demdex.net |
assets.adobedtm.com
|
| 1 | sjs.bizographics.com |
www.googletagmanager.com
|
| 1 | js.maxmind.com |
www.fireeye.com
|
| 1 | www.googleadservices.com |
www.fireeye.com
|
| 1 | cloud.typography.com | 1 redirects |
| 112 | 42 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| fireeye.com Entrust Certification Authority - L1K |
2018-05-07 - 2020-05-06 |
2 years | crt.sh |
| www2.fireeye.com CloudFlare Inc ECC CA-2 |
2018-05-07 - 2019-05-07 |
a year | crt.sh |
| *.doubleclick.net Google Internet Authority G3 |
2018-07-24 - 2018-10-02 |
2 months | crt.sh |
| servedby.flashtalking.com GeoTrust RSA CA 2018 |
2018-02-13 - 2019-02-13 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2017-12-15 - 2019-03-22 |
a year | crt.sh |
| odc-prod-01.oracle.com DigiCert ECC Secure Server CA |
2018-05-06 - 2019-08-05 |
a year | crt.sh |
| *.twimg.com DigiCert SHA2 High Assurance Server CA |
2017-12-02 - 2018-12-05 |
a year | crt.sh |
| *.apis.google.com Google Internet Authority G3 |
2018-07-24 - 2018-10-02 |
2 months | crt.sh |
| accounts.google.com Google Internet Authority G3 |
2018-07-24 - 2018-10-02 |
2 months | crt.sh |
This page contains 13 frames:
Primary Page:
https://www.fireeye.com/blog/threat-research/2018/07/microsoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html
Frame ID: A67528735CC4CAFC9D449FA8B98DED99
Requests: 108 HTTP requests in this frame
Frame:
https://8443343.fls.doubleclick.net/activityi;dc_pre=CMiDvv-J2NwCFTeI7Qod-bYLMA;src=8443343;type=sitew0;cat=firee0;ord=6584040823777;gtm=d7n;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html;~oref=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html
Frame ID: EFC8E55E535E9D84B7B23C4CF3A43F5A
Requests: 1 HTTP requests in this frame
Frame:
https://servedby.flashtalking.com/container/6639;55678;5918;iframe/?ft_referrer=https%3A//www.fireeye.com/blog/threat-research/2018/07/microsoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&ns=&cb=812288.1987518704
Frame ID: ECA442514E201EF1A3BD20FC708A637B
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: A71E1AC5C75D7235DA3A8BCD9BE081FD
Requests: 1 HTTP requests in this frame
Frame:
https://www2.fireeye.com/index.php/form/XDFrame
Frame ID: 711605E018000F4488AFE09A9AFB97E8
Requests: 2 HTTP requests in this frame
Frame:
https://s7.addthis.com/static/linkedin.html
Frame ID: 4373AE129BF6D8593E3686A2175A281D
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.cb6df5c11eb74c4885e17101a777cb60.html?origin=https%3A%2F%2Fwww.fireeye.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 2C3BF3C71C81346047495F0F6E430D4B
Requests: 1 HTTP requests in this frame
Frame:
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&annotation=none&hl=en-US&origin=https%3A%2F%2Fwww.fireeye.com&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.TqaQNVeFxMU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPytoJJIUVdyWIQSRWhwiNEvVkh0g%2Fm%3D__features__
Frame ID: 6CA10E9EE42F0C1934C5150B2188EB88
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/tweet_button.cb6df5c11eb74c4885e17101a777cb60.en.html
Frame ID: C5489EC9FE3C13B066D6C6E66E4723E5
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
Frame ID: 47969F3F07D73D7B32F0C7EC7AA04354
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v2.6/plugins/share_button.php?app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df3d28855dbf04a4%26domain%3Dwww.fireeye.com%26origin%3Dhttps%253A%252F%252Fwww.fireeye.com%252Ff274da3c653414%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&layout=button&locale=en_US&sdk=joey
Frame ID: DC6BAF783A6E52CCE5C3712AD67D40F9
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.fireeye.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.TqaQNVeFxMU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPytoJJIUVdyWIQSRWhwiNEvVkh0g%2Fm%3D__features__
Frame ID: 15267879881CE6EC0395EB8E183272D4
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/jot.html
Frame ID: 7BBECD619CE508960B4FBC59D72C1ADE
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc\/designs\//i
Java
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc\/designs\//i
AddThis
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /addthis\.com\/js\//i
- env /^addthis/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Plus
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /apis\.google\.com\/js\/[a-z]*\.js/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^google_tag_manager$/i
Marketo
(Marketing Automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^Munchkin$/i
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^Modernizr$/i
SiteCatalyst
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/s[_-]code.*\.js/i
- env /^s_(?:account|objectID|code|INST)$/i
Twitter
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
YUI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^YAHOO$/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
22 Outgoing links
These are links going to different origins than the main page.
URL: https://tfs.fireeye.com/
Title: Partner Enablement
Title: Partner Enablement
Search URL Search Domain Scan URL
URL: http://partnerportal.fireeye.com/
Title: Partner Portal
Title: Partner Portal
Search URL Search Domain Scan URL
URL: http://training.fireeye.com/
Title: Partner Education Center
Title: Partner Education Center
Search URL Search Domain Scan URL
URL: https://www2.fireeye.com/Partner-Request-LP-New.html
Title: Become a Partner
Title: Become a Partner
Search URL Search Domain Scan URL
URL: https://csportal.fireeye.com/secur/login_portal.jsp?orgId=00D3000000063LS&portalId=06030000000pSNE
Title: Customer Portal
Title: Customer Portal
Search URL Search Domain Scan URL
URL: https://community.fireeye.com/
Title: Communities
Title: Communities
Search URL Search Domain Scan URL
URL: https://docs.fireeye.com/
Title: Documentation Portal
Title: Documentation Portal
Search URL Search Domain Scan URL
URL: http://investors.fireeye.com/
Title: Investor Relations
Title: Investor Relations
Search URL Search Domain Scan URL
URL: http://universityrelations.fireeye.com/
Title: University Relations
Title: University Relations
Search URL Search Domain Scan URL
URL: https://www2.fireeye.com/manage-your-preferences.html
Title: Email Preferences
Title: Email Preferences
Search URL Search Domain Scan URL
URL: https://community.fireeye.com/welcome
Title: Communities
Title: Communities
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/fireeye
Title: LinkedIn
Title: LinkedIn
Search URL Search Domain Scan URL
URL: https://twitter.com/fireeye
Title: Twitter
Title: Twitter
Search URL Search Domain Scan URL
URL: https://www.facebook.com/FireEye
Title: Facebook
Title: Facebook
Search URL Search Domain Scan URL
URL: https://plus.google.com/+Fireeye
Title: Google+
Title: Google+
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/FireEyeInc
Title: YouTube
Title: YouTube
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/us/podcast/eye-on-security/id1073779629?mt=2
Title: Podcast
Title: Podcast
Search URL Search Domain Scan URL
URL: https://www.fireeye.fr/
Title: French (Français)
Title: French (Français)
Search URL Search Domain Scan URL
URL: https://www.fireeye.de/
Title: German (Deutsch)
Title: German (Deutsch)
Search URL Search Domain Scan URL
URL: https://www.fireeye.jp/
Title: Japanese (日本語)
Title: Japanese (日本語)
Search URL Search Domain Scan URL
URL: https://www.fireeye.kr/
Title: Korean (í•œêµì–´)
Title: Korean (í•œêµì–´)
Search URL Search Domain Scan URL
URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis
Title: AddThis
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://cloud.typography.com/6746836/6977592/css/fonts.css HTTP 302
- https://www.fireeye.com/content/dam/fireeye-www/fw/f/651819/F3FCCD5E6343B3320.css
- https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=498229334&utmhn=www.fireeye.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Microsoft%20Office%20Vulnerabilities%20Used%20to%20Distribute%20FELIXROOT%20Backdoor%20in%20Recent%20Campaign%20%C2%AB%20Microsoft%20Office%20Vulnerabilities%20Used%20to%20Distribute%20FELIXROOT%20Backdoor%20in%20Recent%20Campaign%20%7C%20FireEye%20Inc&utmhid=85355523&utmr=-&utmp=%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&utmht=1533546525999&utmac=UA-363943-1&utmcc=__utma%3D214676736.1017023161.1533546526.1533546526.1533546526.1%3B%2B__utmz%3D214676736.1533546526.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=804648996&utmredir=3&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1017023161.1533546526&jid=804648996&_v=5.7.2dc&z=498229334 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1017023161.1533546526&jid=804648996&_v=5.7.2dc&z=498229334&slf_rd=1&random=892289282
- https://8443343.fls.doubleclick.net/activityi;src=8443343;type=sitew0;cat=firee0;ord=6584040823777;gtm=d7n;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html;~oref=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html HTTP 302
- https://8443343.fls.doubleclick.net/activityi;dc_pre=CMiDvv-J2NwCFTeI7Qod-bYLMA;src=8443343;type=sitew0;cat=firee0;ord=6584040823777;gtm=d7n;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html;~oref=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html
- https://px.ads.linkedin.com/collect/?time=1533546526391&pid=6572&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&pageUrl=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&ref=&fmt=js&s=1 HTTP 302
- https://px.ads.linkedin.com/collect/?time=1533546526391&pid=6572&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&pageUrl=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&ref=&fmt=js&s=1&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1533546526391%26pid%3D6572%26url%3Dhttps%253A%252F%252Fwww.fireeye.com%252Fblog%252Fthreat-research%252F2018%252F07%252Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html%26pageUrl%3Dhttps%253A%252F%252Fwww.fireeye.com%252Fblog%252Fthreat-research%252F2018%252F07%252Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html%26ref%3D%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect/?time=1533546526391&pid=6572&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&pageUrl=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&ref=&fmt=js&s=1&cookiesTest=true&liSync=true
- https://d.company-target.com/pixel?type=js&id=15318698543518&page=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html HTTP 302
- https://d.company-target.com/ul_cb/pixel?type=js&id=15318698543518&page=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html
- https://d.company-target.com/pixel?type=js&id=15318698546646&page=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html HTTP 302
- https://d.company-target.com/ul_cb/pixel?type=js&id=15318698546646&page=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html
- https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
- https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
- https://segments.company-target.com/log?vendor=choca&user_id=AAFptU620CAAACwXEAEUiw
- https://id.rlcdn.com/464526.gif HTTP 302
- https://id.rlcdn.com/464526.gif?redirect=1 HTTP 302
- https://segments.company-target.com/wtk?vendor=liveramp&lrid=Xc1297vrw7Wz_x9Ipi38gpP7RjgFeVbLVrNoA7u1hWOOKfInU
- https://www.google-analytics.com/r/collect?v=1&_v=j68&a=85355523&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&ul=en-us&de=UTF-8&dt=Microsoft%20Office%20Vulnerabilities%20Used%20to%20Distribute%20FELIXROOT%20Backdoor%20in%20Recent%20Campaign%20%C2%AB%20Microsoft%20Office%20Vulnerabilities%20Used%20to%20Distribute%20FELIXROOT%20Backdoor%20in%20Recent%20Campaign%20%7C%20FireEye%20Inc&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Forms&ea=WhitePaper%20Download&el=%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html&_utma=214676736.1017023161.1533546526.1533546526.1533546526.1&_utmz=214676736.1533546526.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1533546527682&_u=YQBCAEAB~&jid=64580476&gjid=725738076&cid=1017023161.1533546526&tid=UA-363943-1&_gid=567808633.1533546528&_r=1>m=G7nMVGC8KK&z=996838896 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-363943-1&cid=1017023161.1533546526&jid=64580476&_gid=567808633.1533546528&gjid=725738076&_v=j68&z=996838896 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1017023161.1533546526&jid=64580476&_v=j68&z=996838896 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1017023161.1533546526&jid=64580476&_v=j68&z=996838896&slf_rd=1&random=2725176498
- https://syndication.twitter.com/i/jot HTTP 302
- https://platform.twitter.com/jot.html
112 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
microsoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html
www.fireeye.com/blog/threat-research/2018/07/ |
69 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.fireeye.com/etc.clientlibs/clientlibs/granite/ |
107 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs_nav.min.js
www.fireeye.com/etc/designs/fireeye-www/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cds.css
www.fireeye.com/etc/designs/fireeye-www/clientlibs_fw/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
F3FCCD5E6343B3320.css
www.fireeye.com/content/dam/fireeye-www/fw/f/651819/ Redirect Chain
|
245 KB 184 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs_fw.min.css
www.fireeye.com/etc/designs/fireeye-www/ |
183 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs_base.min.css
www.fireeye.com/etc/clientlibs/fireeye-blog/ |
287 B 310 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs_analytics.min.js
www.fireeye.com/etc/designs/fireeye-www/ |
2 KB 907 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utils.min.js
www.fireeye.com/etc.clientlibs/clientlibs/granite/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
granite.min.js
www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.fireeye.com/etc/clientlibs/foundation/ |
16 B 137 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shared.min.js
www.fireeye.com/etc/clientlibs/foundation/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modern.min.js
www.fireeye.com/etc.clientlibs/clientlibs/granite/lodash/ |
33 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kernel.min.js
www.fireeye.com/etc/clientlibs/foundation/personalization/ |
113 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fireeye-2-color.png
www.fireeye.com/content/dam/fireeye-www/fw/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig1a.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
53 KB 54 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig2.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
131 KB 132 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig3.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig4.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig5.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
21 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig6.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig7.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig8.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig9.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
78 KB 79 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig10.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
191 KB 192 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig11.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig12.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
244 KB 245 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig13.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
256 KB 258 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig14.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig15.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig16.png
www.fireeye.com/content/dam/fireeye-www/blog/images/FELIXROOT/ |
107 KB 108 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
forms2.min.js
www2.fireeye.com/js/forms2/js/ |
169 KB 57 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rss.png
www.fireeye.com/content/dam/legacy/images/blog/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs_fw.min.js
www.fireeye.com/etc/designs/fireeye-www/ |
145 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
conversion.js
www.googleadservices.com/pagead/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
gtm.js
www.googletagmanager.com/ |
113 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
me
js.maxmind.com/geoip/v2.1/country/ |
93 B 410 B |
XHR
application/vnd.maxmind.com-error+json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
dc.js
stats.g.doubleclick.net/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
satelliteLib-018e5c8fee015d61f6e2636ab102f2624be19551.js
assets.adobedtm.com/1790e736b614e0afecbbbf9be7069b90b875fdd6/ |
110 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
insight.min.js
sjs.bizographics.com/ |
13 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
bat.js
bat.bing.com/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
72 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
219 B 965 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mbox-contents-b8c0af0f30e70fb0504427e46d7b77a937a9d4a7.js
assets.adobedtm.com/1790e736b614e0afecbbbf9be7069b90b875fdd6/ |
40 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
fbevents.js
connect.facebook.net/en_US/ |
43 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CMiDvv-J2NwCFTeI7Qod-bYLMA;src=8443343;type=sitew0;cat=firee0;ord=6584040823777;gtm=d7n;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fthreat-research%2F2018%2F07%2Fmicrosoft-office-vul...
8443343.fls.doubleclick.net/ Frame EFC8 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
0
bat.bing.com/action/ |
0 93 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
target.js
cdn.tt.omtrdc.net/cdn/ |
43 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
1847206522249226
connect.facebook.net/signals/config/ |
80 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hpb-bg-testimonial-blue.jpg
www.fireeye.com/content/dam/fireeye-www/brand/homepage-banner-images/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
13 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
13 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
13 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fireicons.woff
www.fireeye.com/content/dam/fireeye-www/fw/f/ |
70 KB 35 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
13 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
4 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
4 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
4 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
4 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getForm
www2.fireeye.com/index.php/form/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.facebook.com/tr/ |
44 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
ytc.js
s.yimg.com/wi/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
servedby.flashtalking.com/container/6639;55678;5918;iframe/ Frame ECA4 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1063990389/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
41dad6d0.min.js
tag.demandbase.com/ |
54 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
addthis_widget.js
s7.addthis.com/js/300/ |
349 KB 112 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_Incapsula_Resource
www.fireeye.com/ |
105 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
parsys-navigation.html
www.fireeye.com/shared/megamenus/jcr:content/ |
15 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
segmentation.segment.js
www.fireeye.com/etc/ |
12 KB 1 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
stores.init.js
www.fireeye.com/etc/clientcontext/default/content/jcr:content/ |
5 KB 2 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/154/ |
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s-code-contents-9ce38d55235aac587fd33aff852adda8ed05817d.js
assets.adobedtm.com/1790e736b614e0afecbbbf9be7069b90b875fdd6/ |
56 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
px.ads.linkedin.com/collect/ Redirect Chain
|
0 111 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
ip.json
api.company-target.com/api/v2/ |
420 B 908 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
pixel
d.company-target.com/ul_cb/ Redirect Chain
|
283 B 283 B |
Image
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
pixel
d.company-target.com/ul_cb/ Redirect Chain
|
283 B 283 B |
Image
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
log
segments.company-target.com/ Redirect Chain
|
26 B 483 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wtk
segments.company-target.com/ Redirect Chain
|
26 B 483 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
visitWebPage
848-did-242.mktoresp.com/webevents/ |
43 B 622 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_Incapsula_Resource
www.fireeye.com/ |
1 B 34 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/ads/user-lists/1063990389/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com.ua/ads/user-lists/1063990389/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
sp.pl
sp.analytics.yahoo.com/ |
0 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
ajax
fireeye.tt.omtrdc.net/m2/fireeye/mbox/ |
259 B 321 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loader.json
www.fireeye.com/etc/clientcontext/default/contextstores/twitterprofiledata/ |
64 B 287 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loader.json
www.fireeye.com/etc/clientcontext/default/contextstores/fbprofiledata/ |
63 B 319 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loader.json
www.fireeye.com/etc/clientcontext/default/contextstores/fbinterestsdata/ |
5 B 113 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
fireeye.sc.omtrdc.net/ |
3 B 523 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
forms2.css
www2.fireeye.com/js/forms2/css/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
forms2-theme-simple.css
www2.fireeye.com/js/forms2/css/ |
826 B 326 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
www.facebook.com/tr/ Frame A71E |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
collect
www.google-analytics.com/ |
35 B 103 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
collect
www.google-analytics.com/ |
35 B 103 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
collect
www.google-analytics.com/ |
35 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s52572758571194
fireeye.sc.omtrdc.net/b/ss/fireeyev1prod/1/JS-1.6.2-D7QN/ |
43 B 590 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s52253084377799
fireeye.sc.omtrdc.net/b/ss/fireeyev1prod/1/JS-1.6.2-D7QN/ |
43 B 591 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
XDFrame
www2.fireeye.com/index.php/form/ Frame 7116 |
2 KB 740 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
forms2.min.js
www2.fireeye.com/js/forms2/js/ Frame 7116 |
169 KB 57 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
_ate.track.config_resp
m.addthisedge.com/live/boost/fewebadmin/ |
2 KB 909 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
collect
www.google-analytics.com/ |
35 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
layers.b01bacf303e2cf5c81a0.js
s7.addthis.com/static/ |
260 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
sdk.js
connect.facebook.net/en_US/ |
218 KB 66 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
widgets.js
platform.twitter.com/ |
118 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
plusone.js
apis.google.com/js/ |
43 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
linkedin.html
s7.addthis.com/static/ Frame 4373 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
widget_iframe.cb6df5c11eb74c4885e17101a777cb60.html
platform.twitter.com/widgets/ Frame 2C3B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
button.bf357a6ba1a5f1fa0ddb61377ae3add5.js
platform.twitter.com/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.TqaQNVeFxMU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCPytoJJIUVdyWIQSRWhwiNEvVkh0g/ |
131 KB 46 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.TqaQNVeFxMU.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCPytoJJIUVdyWIQSRWhwiNEvVkh0g/ |
98 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fastbutton
apis.google.com/se/0/_/+1/ Frame 6CA1 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tweet_button.cb6df5c11eb74c4885e17101a777cb60.en.html
platform.twitter.com/widgets/ Frame C548 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
QX17B8fU-Vm.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 4796 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
share_button.php
www.facebook.com/v2.6/plugins/ Frame DC6B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
postmessageRelay
accounts.google.com/o/oauth2/ Frame 1526 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
132.43c7365b6d0b57a8b41f.js
s7.addthis.com/static/ |
418 B 602 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
443 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jot.html
platform.twitter.com/ Frame 7BBE Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
291 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| matched object| browser object| dataLayer object| fdc object| geoip2 undefined| cookiesOK function| onAccept function| onDecline function| ipLocation string| userAgent boolean| gomezAgent boolean| prtgAgent object| _gaq object| addthis_config object| addthis_share string| host boolean| sputnikbotAgent boolean| uptimerobotAgent boolean| slackbotbingbotAgent boolean| ahcAgent boolean| rogerbotAgent boolean| caliperbotAgent boolean| scoutjetAgent boolean| ahrefsbotAgent boolean| superfeedrAgent boolean| twitterbotAgent boolean| mj12botAgent boolean| yandexbotAgent boolean| yahooslurpAgent boolean| googlebotAgent boolean| bingbotAgent object| Configuration object| _gat object| gaGlobal object| google_tag_manager string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email object| uetq function| onYouTubeIframeAPIReady function| Visitor boolean| A boolean| B object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| digitalData function| gtag function| fbq function| _fbq function| UET string| mboxCopyright object| TNT function| se function| we function| ye function| Re function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxList function| mboxSignaler function| mboxLocatorDefault function| mboxLocatorNode function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mbox function| mboxFactory object| mboxFactories object| mboxFactoryDefault number| mboxVersion function| mboxCreate function| mboxDefine function| mboxUpdate function| mboxVizTargetUrl function| mboxSetCookie function| mboxGetCookie object| _AT function| getSizzleForTarget object| Granite object| _g function| $CQ object| CQ undefined| G_XHR_HOOK undefined| G_RELOAD_HOOK undefined| G_IS_HOOKED undefined| G_CONTENT_PATH function| _ function| generateURLSignature function| initializeTeaserLoader function| initializeLandingPageLoader object| CQ_Analytics object| CQ_Context boolean| CQ_trackTeasersStats boolean| CQ_trackLandingPagesStats object| ClientContext object| ContextCloud object| MktoForms2 function| replaceQueryParam number| slideTotal number| currentSlide string| target function| getCurrentSlide function| showHideControls string| activeLbox function| calculateTopMargin function| closec08 function| updatec08 function| fixCta function| showNav function| showNavSub function| showNavMore function| initNav number| totalSlides function| changeSlide function| initCarousel function| msieversion undefined| intervalId function| showSuggestions undefined| startTimer object| jQuery112404827845534712567 object| html5 object| Modernizr function| yepnope object| respond function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin string| ctaText object| ft_onetag_5918 object| google_conversion_id object| google_custom_params object| google_remarketing_only object| dotq function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_remarketing_for_search object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called function| __extends object| Demandbase object| __db function| DBSegment string| GoogleAnalyticsObject function| ga object| MunchkinTracker object| ps number| c undefined| sacct_env string| s_account object| s object| visitor function| s_doPlugins function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| campaigns object| queryString object| object number| qIndex object| gaplugins object| gaData object| s_YTO function| onYouTubePlayerReady function| s_YTp function| s_YTisa function| s_YTism function| s_YTgk function| onYouTubePlayerAPIReady function| s_YTdi function| s_YTei function| s_YTut function| s_YTdv function| s_YTv function| s_aE function| s_YTi object| s_i_fireeyev1prod object| jQuery112407915662008199269 function| __orig__fbAsyncInit function| fbAsyncInit object| ___gcfg function| _at_plusonecallback function| _at_pluscallback function| __twttrll object| twttr object| __twttr object| FB object| gapi object| ___jsl object| ___gu object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .www2.fireeye.com/ | Name: __cfduid Value: d51e213f3883dacb230e7b77c11d0c1711533546526 |
|
| .flashtalking.com/ | Name: __qca Value: P0-788971588-1533546526485 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlTTtLyhnz2i3jfGYDk1Qimw9WeSg4juZPw5tI_DxW3cCw0LhmLZJbeOXeE |
|
| .fireeye.com/ | Name: _ga Value: GA1.2.1017023161.1533546526 |
|
| www.fireeye.com/ | Name: __atuvs Value: 5b68101ee0d9ffb9000 |
|
| .fireeye.com/ | Name: _mkto_trk Value: id:848-DID-242&token:_mch-fireeye.com-1533546526430-10547 |
|
| .fireeye.com/ | Name: tp Value: 12504 |
|
| .fireeye.com/ | Name: AMCV_12390CDB53E9CC840A490D4E%40AdobeOrg Value: 817868104%7CMCIDTS%7C17750%7CMCMID%7C78784523452449393490929378822492285795%7CMCAAMLH-1534151327%7C9%7CMCAAMB-1534151327%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1533553727s%7CNONE%7CMCAID%7CNONE |
|
| .fireeye.com/ | Name: s_ppv Value: us-en%253Ablog%253Athreat-research%253A2018%253A07%253Amicrosoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor%2C10%2C10%2C1200 |
|
| .fireeye.com/ | Name: _gid Value: GA1.2.567808633.1533546528 |
|
| www.fireeye.com/ | Name: AWSELB Value: 5F2B578318E89D8E08CFED7804764C1968F619D94FD17C38A41A6BD9A191299823FFB8F15FA80D0B0DCA421C304FA45FC2B8DC265F96266DC22058073F7283791BC9BFBB69 |
|
| .fireeye.com/ | Name: _gat_UA-363943-1 Value: 1 |
|
| www2.fireeye.com/ | Name: BIGipServersjiweb-app_https Value: !kGryT9xYwaidjgSr6jIaQ+dbpC/uGoywf5aZocfkbS11Sb0LMnqlj3GCdttNWmb906KRZtX5LmJfhY0= |
|
| www.fireeye.com/ | Name: __atuvc Value: 1%7C32 |
|
| .fireeye.com/ | Name: __utmz Value: 214676736.1533546526.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
| .fireeye.com/ | Name: AMCVS_12390CDB53E9CC840A490D4E%40AdobeOrg Value: 1 |
|
| .fireeye.com/ | Name: __utmc Value: 214676736 |
|
| .fireeye.com/ | Name: nlbi_153517 Value: K/jEGsE9ZxygGelF9aJbDAAAAAChMwLhL+aFdALsckTVa17Q |
|
| .fireeye.com/ | Name: incap_ses_534_153517 Value: ozC6LV9lFzzm4LPXziZpBx0QaFsAAAAA0NANZ7ptJleBmjZ7FOP8cw== |
|
| .fireeye.com/ | Name: __utmb Value: 214676736.1.10.1533546526 |
|
| .fireeye.com/ | Name: s_cc Value: true |
|
| .fireeye.com/ | Name: visid_incap_153517 Value: NhFveRbdTWq0d8q5ltEPXB0QaFsAAAAAQUIPAAAAAACCHQd7d/zqZkgYjrG53mZ1 |
|
| .fireeye.com/ | Name: __utma Value: 214676736.1017023161.1533546526.1533546526.1533546526.1 |
|
| .fireeye.com/ | Name: __utmt Value: 1 |
|
| .fireeye.com/ | Name: mbox Value: check#true#1533546587|session#e8f81f1df9344c44b350cf704228b32c#1533548387|PC#e8f81f1df9344c44b350cf704228b32c.26_21#1534756128 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src https: data: 'unsafe-inline' 'unsafe-eval' |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8443343.fls.doubleclick.net
848-did-242.mktoresp.com
accounts.google.com
api.company-target.com
apis.google.com
assets.adobedtm.com
bat.bing.com
cdn.tt.omtrdc.net
cloud.typography.com
connect.facebook.net
d.company-target.com
dpm.demdex.net
fireeye.sc.omtrdc.net
fireeye.tt.omtrdc.net
googleads.g.doubleclick.net
id.rlcdn.com
js.maxmind.com
m.addthisedge.com
match.prod.bidr.io
munchkin.marketo.net
platform.twitter.com
px.ads.linkedin.com
s.yimg.com
s7.addthis.com
segments.company-target.com
servedby.flashtalking.com
sjs.bizographics.com
sp.analytics.yahoo.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tag.demandbase.com
www.facebook.com
www.fireeye.com
www.google-analytics.com
www.google.com
www.google.com.ua
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www2.fireeye.com
104.109.87.116
104.111.228.202
104.111.242.254
104.17.74.206
104.244.42.8
172.217.16.162
172.217.22.70
172.217.22.98
172.82.228.19
188.125.66.33
199.15.215.200
2.18.232.23
2.19.35.110
204.79.197.200
205.185.216.10
2400:cb00:2048:1::6810:262f
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:2800:234:59:254c:406:2366:268c
2a00:1288:80:800::7000
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200d
2a00:1450:4001:81c::200e
2a00:1450:400c:c0a::9b
2a02:26f0:6c00:2bf::3adf
2a02:e980:d::ba
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8086:face:b00c:0:50fb
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
34.215.33.107
34.233.77.49
35.190.27.37
52.222.150.108
52.222.150.213
52.222.150.40
52.222.150.46
52.31.82.142
66.117.29.11
017bf8b7865aa3589f54e881370a1bcf1d4251ffead66504e0f15fdfad7ffceb
0410d8671f6a87c0174dcee605eb829c4fb9e78f1f4f8139a01edfd198e14014
08ada830a022251d78d15cefd38549eda4c4f24ba25845ff2280d23cafe2a178
0914d1fb1c58b2a0f48800b98fa271603e0b01dfdae72c53d622f0ea754c84ea
0ae822b18c929c3cf57ce3fcc6132fa43c469d9c28216355b617dffd60b76ff9
0d1e4ec6235dcfe83b8acd4b53c23c0219f907814d53e3f7802bee9a6a30d6d7
0efa590cfba5132ba573c3c97225c7d0960af17a364f23eff070d3f79f3a9b01
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131a708362e03033c4d288cb86215931c3eb004172dc2d8f5c630fe5fac898da
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
14f5c3507c3529201adf46f8d0bd4cac4cf8ee74b08c1143020dc577a86a66ef
18ad069a01e5d14399007134cd081cec588abf25b9f87382b1f153e274b2c0ef
192e93e4b8cf934c53c81d6ce1121e4d244cd673b343267e70b237a7250ca733
1a6eab8dbf1f24fa569387f02bbbf6db93281ff003e15a658832a4b597a9dd70
1d43da43d38da44cd99af5ae3ef3a6619d10027b46d4ba3df4f8ee0f59951a07
209f0594f470dd81e958be83e324d48aa07d394c7ec39f196fb38ca1b8de3690
24fcd0a4c287c27588057b26feb88936f6a9f65706d687cd368e78804bc70a7a
2c8f585f6eb6a9e8760ab07a76ea5e5c4d0b55631ed86d393e345594242e939e
30c33ccc7f53be5fdfcc773605a1812855e023ba0ba30acc6a129123788b78dc
3184cf0ad08a1d1717d57dec220001ab34e08bd3c337de3b5b59ed226edd05f5
33e55547663942f701b1d681cc9209e9c90b47d70d5e56332f5303db8b4307f5
3627daa1cd7b219aeeb56450d73bbf7fe0bbe363ab8c3a28879dd687b4af20b4
369ab28880fd9a6db78f62108a7edaa49a729f16b73a5e9073b102c755448ef6
395f1bb5a6f5f9ca91043b0d1f3520e7ca6a540d16baf1ca32eb98e270f0dabb
397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b
3a81ad9bc69582468671824f1bd4b9e3c3c82ce201480394e47b04a534cb7094
3a9b1aaf047d7ab5119bb338a86bee9788c4e79392d4abb12408d62bec6e86fb
3b5aa428cefbf6e005cdfd186f0fb3422a8810e9ef21af9f37a97ec2ee70da54
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3def2fdee0e6288ea076c7c2d0db897efec9762062cfb7a52b0d4087eeb212eb
3e27833ceccc8ba3f9aeb85e887d1c2f1f8bc08358cf3c9e4fb170efa843f3e7
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
402ab1ff6a10cf3d24e3940f0c1f3546cdb813afdfa2544c3524af545255986c
41c3f798bdde59c64755a4c33767a0e71b52dd39c21f4ab89fd12634582f3bed
433fb5a9934811099ea8158aa37244f52e86495cd0ce8a43dbdea8e1f2073900
469d064da371faffa6c64a5cf5c04cb3080693027f402e8c114452eb74e87c17
47ab2c68d4d2a483c9acca1adfa39a747e60d90ebc2d4a20e286f4395f5b155d
5289840c115a8725f816552aae25f03c928c019256a7547a9f8652a19f05ceba
52a51ec8c008b080e8417ddb122ac4a5e58a547b5eaf0a6a40fd6865ec66fc0c
5529960538c68ee9fae25260035ba2191ea3141953179b00be4efdb47595d1f2
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
59d8cbfebb4f79e50b9466511d83277efff592f4b05c3750eb9a0131dedac244
5b0454427cef5e4c09cad48c5b421f4d23d9a0689f4519f17956af263bf77d3b
5e0beae4c0b13239ff1eac7a07bce99525350d08fcef21eb5ae893a4dd046d7f
5e4a8318d1cc410dbb2beaa0c3480335b5a71cd67728c97288ad619e34169058
60ec7a2fab5277432c8f9f8c9cf44a20f1a0cf880d7724c22e681ab6152c0741
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
67a99837e80451fd25c1abdf9c96a984bf2aff964034155311361e47213f748b
69070c1ea5fb699759e671e04096910961b0b075dd7269d141f705f0d79d6202
69b05c602821aa27f27d35a29ccdfa4d2e7f7403c26a57b210efce6ad20a4b14
6a5693863292de1aabc2597093412dc77fae1e5429488ce7284ec62b242ed65e
6b14ea5fc64171a1b09271b769c1f0e13315a7cb42713a2726d84d66b4e328f4
6d636eb365fb3f421e0dc0779a92ceb7815a88c9a95b1db0217f97cf0d918650
71ef2be76ecf12f431795805b6bfb5a20523b7692be0e6106e8e2d18d3d33632
752c7139c09399f8cddbab1d71aeb083524c9b8c03bd2e4b90a966f5a2bdc763
78846ac43ccf16aeb16972cd02293510d5b0b85c0a51a4d6bed3d4495371e07e
794726d8c8a0537a40788be73391b64e6ba84d8b3e9d1e4a477967fe9a8fb7b3
7b86d506062bf09d8db4e081fbf442b773929e5c13a70f415243e12185f37767
7ed6ac2c5472d79591246ec8c4d39d2cdbe387f8a7c481b05e5a5c95d53d1dd6
809b051d2e74918c276af3983418c43f96f14fa873484df946364f4946150905
81ab8dfb5ecffa4d5b35f87a6e1d8ebdd5b62563ae1fc26d4c72fd176f3c394a
81b98272eb9e06fe6d9fe50c228d0370bfae50b2db6cc6e91ae587d029afb34e
82bbf4a0f25757d1c9b9f18672eabf510965e4873e9d989a407823eac0d99259
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91cd9586900ebf562dbd164f3832e4671db2f6a733b595f7122ba3a0543ade80
9298a280eda6b54290d3c69fda3ae7da0cec1a0169d01d4e5944af63d68939d5
9c4592519a4cfc8940c9f97d6e2474547e5727f21672bc4f6207f96bb9d43211
9c9430c197476f80275443261f9c704c4fa44209e1a73a70acc5432df543c7f0
9cb61d1b77963810d54c18b32a133870a6094c5e5afa82da0684575dad823099
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a20e7e269dcfd108ca39cc2bab41e0d7620b039b623b19ed4d7c3c22186b6cd0
a9e460758dbcc0782220f053b3c7962542e8ce5e8acfb2cf0648a601ed0591bc
af3448cd96702455db358ac221e082df9ffb5f43bb3c69df18b9ae2fe4a552b5
b30bc19cf7a340210216b75c5929cefde1e35d2e6c52ba559af1f4704fdb2138
b6143b6b4d86918d18cd84b60ae0f37f74522fc145896a4f9645746070cb28d4
b98760d7e5051e8f96a6e05873aabf360e26f9569b68f50f8444055c993748a2
bcf5ca1256b444bb0c6f30c83a6b56833fea661c7ebaa04e66b245cf8e3c2aef
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c22c981024f4eee7d3fe84d0b54a199922ad14098e74c8fa17145397d9775d4a
c6a13a885710ba5f2094f58b67d9f0af0f8d7c13933694975c23913591a23dca
c94a7abd974c79856c19536bcc51acbfd28c72d8027980e5a46fede8f0064481
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
d38378229be077a1ac4fe516d8197766a0e49e4ad5083b548838c3ddad7f0b4d
d8e690c5a973851f2c3d8a7a945c738e6600499b280b42362d64b998c846ff80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e580c8dd11c99f0c0cd192eae38111da3b261a0716afacb231ee5ead5f1aac69
e5f8d0ce988d869b287f9498b3c779eaddd47b3e19c5fd82fee9f286e8f74298
e79dc381e2d420fcabd9fcf2602906a59faea2b86c3ec59d66773ba4c68a8583
eb9f5c6e7887dbc763d63af2d1dffc086d71210b2501abf22768310d7d3db092
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7b692a631790df3d5fc23cbd681d7d6cdbb0073bdfcea7e146ccc82ed46fe2a
f7de8a302ba63e8067adeb89eb0e53327b17996ce20d2026466f681c83394002
fa5936e1d4063bf0c97f3fa0a5ea55b8a36de857c638fb8497510d2ba4396f8e
fbf63674053e3b35a34473fc7568df63730cb5e71f7e81aa8432e75374c758a3