www.forcepoint.com Open in urlscan Pro
54.191.140.180 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.forcepoint.com/cyber-edu/malware
Submission: On November 15 via manual (November 15th 2019, 12:03:39 am UTC) from IN

Summary HTTP 119 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 30 domains to perform 119 HTTP transactions. The main IP is 54.191.140.180, located in Boardman, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.forcepoint.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 6th 2018. Valid for: 2 years.

This is the only time www.forcepoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
60	54.191.140.180 54.191.140.180	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6811:523b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	152.199.23.241 152.199.23.241	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 2	185.33.223.210 185.33.223.210	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	13.224.196.93 13.224.196.93	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	104.111.215.74 104.111.215.74	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
6	159.122.87.148 159.122.87.148	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	13.224.197.121 13.224.197.121	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2600:9000:21f... 2600:9000:21f3:dc00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	34.247.192.223 34.247.192.223	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:20e... 2600:9000:20eb:4e00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.16.94.80 104.16.94.80	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	184.31.84.223 184.31.84.223	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.13.131 151.101.13.131	54113 (FASTLY) (FASTLY - Fastly)
2	143.204.101.129 143.204.101.129	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.213.115.189 52.213.115.189	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	15.188.31.119 15.188.31.119	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 2	3.120.46.255 3.120.46.255	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.224.196.58 13.224.196.58	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	104.111.236.11 104.111.236.11	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
119	33

60 54.191.140.180 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-191-140-180.us-west-2.compute.amazonaws.com

www.forcepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:523b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.199.23.241 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (United States) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.210 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.93 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-93.fra2.r.cloudfront.net

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.215.74 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-215-74.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 159.122.87.148 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 94.57.7a9f.ip4.static.sl-reverse.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.121 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-121.fra2.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:dc00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.247.192.223 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-192-223.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4e00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.94.80 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

app-abm.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.84.223 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-84-223.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.131 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

6634a5cdf59e4bb3a8f70dcd111da346.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.129 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-129.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.115.189 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-115-189.eu-west-1.compute.amazonaws.com

websenseinc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.31.119 (Paris, France)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-15-188-31-119.eu-west-3.compute.amazonaws.com

analyticsssl.forcepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.46.255 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-46-255.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.230 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f6.1e100.net

9563368.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.58 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-58.fra2.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

018-nkf-008.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.236.11 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-236-11.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	forcepoint.com www.forcepoint.com analyticsssl.forcepoint.com	476 KB
7	sharethis.com 1 redirects ws.sharethis.com l.sharethis.com t.sharethis.com	26 KB
7	typekit.net use.typekit.net p.typekit.net	94 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	119 KB
4	demdex.net 1 redirects dpm.demdex.net websenseinc.demdex.net	3 KB
3	doubleclick.net 1 redirects 9563368.fls.doubleclick.net googleads.g.doubleclick.net	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	tiqcdn.com tags.tiqcdn.com	96 KB
2	twitter.com 1 redirects platform.twitter.com analytics.twitter.com	955 B
2	driftt.com js.driftt.com	44 KB
2	ubembed.com 6634a5cdf59e4bb3a8f70dcd111da346.js.ubembed.com assets.ubembed.com	47 KB
2	marketo.net munchkin.marketo.net	6 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	googleapis.com ajax.googleapis.com	92 KB
1	t.co t.co	449 B
1	mktoresp.com 018-nkf-008.mktoresp.com	303 B
1	google.com www.google.com Failed	110 B
1	googleadservices.com www.googleadservices.com	10 KB
1	everesttech.net 1 redirects cm.everesttech.net	527 B
1	googletagmanager.com www.googletagmanager.com	27 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	marketo.com app-abm.marketo.com
1	consensu.org c.sharethis.mgr.consensu.org
1	cloudfront.net d5phz18u4wuww.cloudfront.net	56 KB
1	ml-api.io attr.ml-api.io	484 B
1	ml-attr.com 1 redirects s.ml-attr.com	284 B
1	cloudflare.com cdnjs.cloudflare.com	2 KB
0	google.de Failed www.google.de Failed
119	30

	Domain	Requested by
60	www.forcepoint.com	www.forcepoint.com ajax.googleapis.com
6	dev.visualwebsiteoptimizer.com	tags.tiqcdn.com dev.visualwebsiteoptimizer.com www.forcepoint.com d5phz18u4wuww.cloudfront.net
6	use.typekit.net	www.forcepoint.com
3	www.google-analytics.com	tags.tiqcdn.com www.google-analytics.com www.forcepoint.com
3	dpm.demdex.net	1 redirects www.forcepoint.com
3	ws.sharethis.com	www.forcepoint.com ws.sharethis.com
3	tags.tiqcdn.com	www.forcepoint.com tags.tiqcdn.com
2	t.sharethis.com	www.forcepoint.com t.sharethis.com
2	9563368.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	px.ads.linkedin.com	1 redirects www.forcepoint.com
2	l.sharethis.com	1 redirects www.forcepoint.com
2	analyticsssl.forcepoint.com	tags.tiqcdn.com www.forcepoint.com
2	js.driftt.com	tags.tiqcdn.com js.driftt.com
2	munchkin.marketo.net	tags.tiqcdn.com munchkin.marketo.net
2	secure.adnxs.com	2 redirects
2	ajax.googleapis.com	www.forcepoint.com
1	analytics.twitter.com	static.ads-twitter.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	t.co	www.forcepoint.com
1	018-nkf-008.mktoresp.com	munchkin.marketo.net
1	assets.ubembed.com	6634a5cdf59e4bb3a8f70dcd111da346.js.ubembed.com
1	www.google.com	www.forcepoint.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.linkedin.com	1 redirects
1	cm.everesttech.net	1 redirects
1	websenseinc.demdex.net	tags.tiqcdn.com
1	www.googletagmanager.com	tags.tiqcdn.com
1	static.ads-twitter.com	www.forcepoint.com
1	platform.twitter.com	1 redirects
1	6634a5cdf59e4bb3a8f70dcd111da346.js.ubembed.com	tags.tiqcdn.com
1	snap.licdn.com	tags.tiqcdn.com
1	app-abm.marketo.com	www.forcepoint.com
1	c.sharethis.mgr.consensu.org	www.forcepoint.com
1	d5phz18u4wuww.cloudfront.net	tags.tiqcdn.com
1	p.typekit.net	www.forcepoint.com
1	attr.ml-api.io	www.forcepoint.com
1	s.ml-attr.com	1 redirects
1	cdnjs.cloudflare.com	www.forcepoint.com
0	www.google.de Failed	www.forcepoint.com
119	39

This site contains links to these domains. Also see Links.

Domain
support.forcepoint.com
partners.forcepoint.com
www.websense.com
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
*.forcepoint.com Go Daddy Secure Certificate Authority - G2	`2018-11-06` - `2020-11-06`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-13`	3 years	crt.sh
*.ml-api.io Amazon	`2019-02-22` - `2020-03-22`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2018-07-20` - `2020-01-03`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2017-06-30` - `2020-07-06`	3 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.sharethis.com Go Daddy Secure Certificate Authority - G2	`2017-09-26` - `2020-09-29`	3 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.sharethis.mgr.consensu.org Go Daddy Secure Certificate Authority - G2	`2018-05-21` - `2020-05-21`	2 years	crt.sh
app-abm.marketo.com CloudFlare Inc ECC CA-2	`2019-02-22` - `2020-02-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
z.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-09-11` - `2020-08-07`	a year	crt.sh
drift.com Amazon	`2019-10-03` - `2020-11-03`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
analyticsssl.forcepoint.com DigiCert SHA2 High Assurance Server CA	`2019-07-07` - `2020-10-09`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
assets.ubembed.com Amazon	`2019-05-02` - `2020-06-02`	a year	crt.sh
*.mktoresp.com GeoTrust RSA CA 2018	`2018-02-05` - `2020-02-05`	2 years	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
cert1.a1.atm.aqfer.net Let's Encrypt Authority X3	`2019-10-17` - `2020-01-15`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.forcepoint.com/cyber-edu/malware
Frame ID: 38E3F965CD2CDC9B93C975F7B6CC543E
Requests: 127 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal.html
Frame ID: 02DD8A9EC66A2968EF19CD47891DE21B
Requests: 1 HTTP requests in this frame

Frame: https://websenseinc.demdex.net/dest5.html?d_nsid=0
Frame ID: EF09F87ACC992A586015D2B2B91FDE72
Requests: 1 HTTP requests in this frame

Frame: https://9563368.fls.doubleclick.net/activityi;dc_pre=COzq9Zj16uUCFYiAgwcdlacFvg;src=9563368;type=force0;cat=force0;ord=9063171668155;gtm=2oaav3;auiddc=973648885.1573776196;u1=016e6c5f00450041fb1837bd79c000079002c07100b08;~oref=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware
Frame ID: C7D6D9E241DFB740A758B70126433380
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=0.317.15648&cid=c010
Frame ID: E3799ECD355085BB0114492FE84E34E0
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 77DFE74F0723C9C9EBF9F6D1DA509FFF
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: FEDB338DB6171EF5ECE24982AEE1FEB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

script /ubembed\.com/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

119
Requests

96 %
HTTPS

32 %
IPv6

30
Domains

39
Subdomains

33
IPs

7
Countries

1122 kB
Transfer

3507 kB
Size

27
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://support.forcepoint.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://partners.forcepoint.com/
Title: Partner Login

Search URL Search Domain Scan URL

URL: https://www.websense.com/content/partner-new-user.aspx
Title: Request a Partner Login

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/forcepoint?trk=fc_badge
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/forcepointsec
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ForcepointLLC
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4MbQECdktvwewRlAFwT_-w
Title: YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.forcepoint.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.forcepoint.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.forcepoint.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=www.forcepoint.com&pId=1492956508152457643

Request Chain 89

https://dpm.demdex.net/id?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DC067C25245AFA80A490D4C%40AdobeOrg&d_nsid=0&ts=1573776195667 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DC067C25245AFA80A490D4C%40AdobeOrg&d_nsid=0&ts=1573776195667

Request Chain 101

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 106

https://cm.everesttech.net/cm/dd?d_uuid=19169922926704231354484475181911398133 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xc3rQwAAFQaAizx0

Request Chain 108

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=1724677-16e6c5f003d-121e7f89-1&sessionID=1573776195647.97457&hostname=www.forcepoint.com&location=%2Fcyber-edu%2Fmalware&product=widget&stid=&fcmp=false&publisher=dr-1a8ea6fe-97f3-ecd7-f9ef-9fd1e2c0c34&refDomain=&refQuery=&shareHash=sthash.2OMrldYZ&incomingHash=&consentDomain=.consensu.org&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware%23sthash.2OMrldYZ&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=What%20is%20Malware%3F%20Defined%2C%20Explained%2C%20and%20Explored%20%7C%20Forcepoint&ts1573776195647.0=&sop=false HTTP 301
https://l.sharethis.com/sc?cm=ZGYAA13N60MAAAASQKaaAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware%23sthash.2OMrldYZ&sop=false

Request Chain 109

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=258729&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&time=1573776195823 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D258729%26url%3Dhttps%253A%252F%252Fwww.forcepoint.com%252Fcyber-edu%252Fmalware%26time%3D1573776195823%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=258729&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&time=1573776195823&liSync=true

Request Chain 111

https://9563368.fls.doubleclick.net/activityi;src=9563368;type=force0;cat=force0;ord=9063171668155;gtm=2oaav3;auiddc=973648885.1573776196;u1=016e6c5f00450041fb1837bd79c000079002c07100b08;~oref=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware HTTP 302
https://9563368.fls.doubleclick.net/activityi;dc_pre=COzq9Zj16uUCFYiAgwcdlacFvg;src=9563368;type=force0;cat=force0;ord=9063171668155;gtm=2oaav3;auiddc=973648885.1573776196;u1=016e6c5f00450041fb1837bd79c000079002c07100b08;~oref=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware

Request Chain 113

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-72298027-1&cid=894132799.1573776196&jid=1580679210&gjid=1774169992&_gid=385663644.1573776196&_u=KGBAgAAj~&z=1710056612 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72298027-1&cid=894132799.1573776196&jid=1580679210&_v=j79&z=1710056612

119 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request malware Show response
www.forcepoint.com/cyber-edu/ 64 KB
21 KB 977ms
618ms Document
text/html 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-191-140-180.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9a1f2cc7238592d06721ba7780a4c4dcc2dd969638cf662f7232a745345f6c6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' .fonts.net .licdn.com .tiqcdn.com .marketo.com .marketo.net .mktoresp.com .demdex.net .burly.io .llnwd.net .tealiumiq.com .googleadservices.com .marinsm.com .amazonaws.com .quantserve.com .facebook.net .serving-sys.com .google-analytics.com .hirebridge.com .websense.com .bizographics.com .linkedin.com .cloudfront.net .newrelic.com .nr-data.net .adnxs.com .demandbase.com .twitter.com .omtrdc.net .youtube.com static.ads-twitter.com .company-target.com .omniture.com .doubleclick.net .forcepoint.com .google.com .facebook.com .getsmartcontent.com .vidyard.com .adroll.com s.ml-attr.com attr.ml-api.io .driftt.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .gstatic.com .libsyn.com .cdnbasket.net ids.cdnwidget.com app.vwo.com .visualwebsiteoptimizer.com use.typekit.net p.typekit.net cdn.vwo-analytics.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .sharethis.mgr.consensu.org; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' pixel.cdnwidget.com .tealiumiq.com .google.com .googleadservices.com .doubleclick.net .websense.com .marinsm.com .facebook.com .quantserve.com .google-analytics.com .w55c.net .marketo.com .iasds01.com .linkedin.com .cloudfront.net .forcepoint.com .adnxs.com .twitter.com t.co .omtrdc.net tags.w55c.net .demandbase.com .company-target.com maps.gstatic.com tags.tiqcdn.com munchkin.marketo.net .newrelic.com connect.facebook.net static.ads-twitter.com a.burly.io sjs.bizographics.com bam.nr-data.net snap.licdn.com .getsmartcontent.com .adroll.com .vidyard.com s.ml-attr.com attr.ml-api.io ml314.com .ml314.com .bing.com .driftt.com .crazyegg.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .googletagmanager.com .visualwebsiteoptimizer.com app.vwo.com .js.ubembed.com assets.ubembed.com cdn.vwo-analytics.com .s3.amazonaws.com s3.amazonaws.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .clearbit.com .googleapis.com .cloudflare.com; img-src 'self' data: pixel.advertising.com .forcepoint.com .marinsm.com .google-analytics.com s.ml-attr.com .doubleclick.net .facebook.com .adroll.com .yahoo.com .google.com .getsmartcontent.com .pubmatic.com .adnxs.com t.co attr.ml-api.io pixel.rubiconproject.com trc.taboola.com sync.outbrain.com .casalemedia.com idsync.rlcdn.com .bidswitch.net us-u.openx.net bsw.digitru.st ps.eyeota.net match.adsrvr.org sync-tm.everesttech.net dmp.adform.net i.w55c.net d.turn.com tags.w55c.net sync.tidaltv.com sync.mathtag.com in.v12group.com sync.adap.tv eyeota-sync.dotomi.com p.rfihub.com .demdex.net .tealiumiq.com .vidyard.com .bing.com s3.amazonaws.com .s3.amazonaws.com .driftt.com eb2.3lift.com .gartner.com .liadm.com .krxd.net .pippio.com .amazon-adsystem.com .visualwebsiteoptimizer.com .cloudfront.net .cdnwidget.com tags.bluekai.com .adsymptotic.com cm.everesttech.net su.addthis.com lrpush.apxlv.com global.ib-ibi.com bcp.crwdcntrl.net analytics.twitter.com api.bizographics.com sync.placelocal.com segments.company-target.com pixel.tapad.com lrp.mxptint.net match.prod.bidr.io p.univide.com rp.gwallet.com ds.reson8.com dmp.truoptik.com aa.agkn.com bs.serving-sys.com .entitytag.co.uk token.rubiconproject.com liveramp-eicm-global.dsp.io thrtle.com apolloprogram.io live.rzsync.com .youtube.com insight.adsrvr.org .crazyegg.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .linkedin.com .sharethis.com; connect-src 'self' app.vwo.com dpm.demdex.net websense.tt.omtrdc.net .mktoresp.com .cdnbasket.net ids.cdnwidget.com .forcepoint.com sample-api-v2.crazyegg.com .visualwebsiteoptimizer.com insight.adsrvr.org bam.nr-data.net .tealiumiq.com live-evercurrent-clone.pantheonsite.io .sharethis.com *.doubleclick.net; report-uri /admin/config/system/seckit/csp-report
Strict-Transport-Security	max-age=18410000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.forcepoint.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com

Request headers

:method: GET
:authority: www.forcepoint.com
:scheme: https
:path: /cyber-edu/malware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
date: Fri, 15 Nov 2019 00:03:14 GMT
content-type: text/html; charset=utf-8
x-drupal-cache: MISS
x-content-type-options: nosniff
etag: "1573776193-1"
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.fonts.net *.licdn.com *.tiqcdn.com *.marketo.com *.marketo.net *.mktoresp.com *.demdex.net *.burly.io *.llnwd.net *.tealiumiq.com *.googleadservices.com *.marinsm.com *.amazonaws.com *.quantserve.com *.facebook.net *.serving-sys.com *.google-analytics.com *.hirebridge.com *.websense.com *.bizographics.com *.linkedin.com *.cloudfront.net *.newrelic.com *.nr-data.net *.adnxs.com *.demandbase.com *.twitter.com *.omtrdc.net *.youtube.com static.ads-twitter.com *.company-target.com *.omniture.com *.doubleclick.net *.forcepoint.com *.google.com *.facebook.com *.getsmartcontent.com *.vidyard.com *.adroll.com s.ml-attr.com attr.ml-api.io *.driftt.com *.sharethis.com *.vimeo.com *.slideshare.net *.techvalidate.com *.gartner.com *.gstatic.com *.libsyn.com *.cdnbasket.net ids.cdnwidget.com app.vwo.com *.visualwebsiteoptimizer.com use.typekit.net p.typekit.net cdn.vwo-analytics.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.googleapis.com *.cloudflare.com *.sharethis.mgr.consensu.org; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' pixel.cdnwidget.com *.tealiumiq.com *.google.com *.googleadservices.com *.doubleclick.net *.websense.com *.marinsm.com *.facebook.com *.quantserve.com *.google-analytics.com *.w55c.net *.marketo.com *.iasds01.com *.linkedin.com *.cloudfront.net *.forcepoint.com *.adnxs.com *.twitter.com t.co *.omtrdc.net tags.w55c.net *.demandbase.com *.company-target.com maps.gstatic.com tags.tiqcdn.com munchkin.marketo.net *.newrelic.com connect.facebook.net static.ads-twitter.com a.burly.io sjs.bizographics.com bam.nr-data.net snap.licdn.com *.getsmartcontent.com *.adroll.com *.vidyard.com s.ml-attr.com attr.ml-api.io ml314.com *.ml314.com *.bing.com *.driftt.com *.crazyegg.com *.sharethis.com *.vimeo.com *.slideshare.net *.techvalidate.com *.gartner.com *.googletagmanager.com *.visualwebsiteoptimizer.com app.vwo.com *.js.ubembed.com assets.ubembed.com cdn.vwo-analytics.com *.s3.amazonaws.com s3.amazonaws.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.clearbit.com *.googleapis.com *.cloudflare.com; img-src 'self' data: pixel.advertising.com *.forcepoint.com *.marinsm.com *.google-analytics.com s.ml-attr.com *.doubleclick.net *.facebook.com *.adroll.com *.yahoo.com *.google.com *.getsmartcontent.com *.pubmatic.com *.adnxs.com t.co attr.ml-api.io pixel.rubiconproject.com trc.taboola.com sync.outbrain.com *.casalemedia.com idsync.rlcdn.com *.bidswitch.net us-u.openx.net bsw.digitru.st ps.eyeota.net match.adsrvr.org sync-tm.everesttech.net dmp.adform.net i.w55c.net d.turn.com tags.w55c.net sync.tidaltv.com sync.mathtag.com in.v12group.com sync.adap.tv eyeota-sync.dotomi.com p.rfihub.com *.demdex.net *.tealiumiq.com *.vidyard.com *.bing.com s3.amazonaws.com *.s3.amazonaws.com *.driftt.com eb2.3lift.com *.gartner.com *.liadm.com *.krxd.net *.pippio.com *.amazon-adsystem.com *.visualwebsiteoptimizer.com *.cloudfront.net *.cdnwidget.com tags.bluekai.com *.adsymptotic.com cm.everesttech.net su.addthis.com lrpush.apxlv.com global.ib-ibi.com bcp.crwdcntrl.net analytics.twitter.com api.bizographics.com sync.placelocal.com segments.company-target.com pixel.tapad.com lrp.mxptint.net match.prod.bidr.io p.univide.com rp.gwallet.com ds.reson8.com dmp.truoptik.com aa.agkn.com bs.serving-sys.com *.entitytag.co.uk token.rubiconproject.com liveramp-eicm-global.dsp.io thrtle.com apolloprogram.io live.rzsync.com *.youtube.com insight.adsrvr.org *.crazyegg.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.googleapis.com *.cloudflare.com *.linkedin.com *.sharethis.com; connect-src 'self' app.vwo.com dpm.demdex.net websense.tt.omtrdc.net *.mktoresp.com *.cdnbasket.net ids.cdnwidget.com *.forcepoint.com sample-api-v2.crazyegg.com *.visualwebsiteoptimizer.com insight.adsrvr.org bam.nr-data.net *.tealiumiq.com live-evercurrent-clone.pantheonsite.io *.sharethis.com *.doubleclick.net; report-uri /admin/config/system/seckit/csp-report
x-frame-options: ALLOW-FROM https://www.forcepoint.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com
strict-transport-security: max-age=18410000
from-origin: same, https://analyticsssl.forcepoint.com,https://vidyard.com
content-language: en
x-ua-compatible: IE=Edge,chrome=1
link: </sites/default/files/advagg_css/css__YZMmyCjxADNsxWJVyzxskiYBiPsGboww8DDJoAv1iVA__PqGVjSeXe3e-YM4xspxCavDlyydtEB28TRpZPTEwV5I__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__kz_uZc4Tlyxo59facBHncNkVy4NJwQLpz-nIjq_HCVc__LcEhHPgNonvT7us25GvMx6EXpJUz0Hb3ST9PncocRR8__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__tWSF450xkVX4bsruTY3Q24uBArmawP9rJGkug65UOsQ__V5_sYfoKn4-xBnBo7JvMckgf01VvgPdx3_h0TBFso9o__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__QIsY78ejFUWd8_1WhPPUQqmlhBp10Tco4VOz-PcKrkI__B17CN2p8y9_5NI_q_duUIjYzJaZyaT1gKiLbRN3Cjsg__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__MuoIiho4tXsD6GNyCC5loToVJ2DU7Ury3W9OL-q0MYI__Zd1Th3FyAzZMsKET3nZSYW5geMB7PSo5Gx_wJsdYz48__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__oBuCL3mJNnRwQIU3odN9AZ67ZQkWhbf5H7zBuRqQOoY__1xXgF9w1J7E85PG2oMg3pO8KhTVYhVIW66TnFU6Brfw__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__1fSxzz6SFz7_E8BEQYtnuJ5gEijUpegQR1oQdVJAq70__Stz4WYgnt_50r3Nf6oKDnYQmuy215rA3XQJG0uOKG00__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__lTiqFezuPSTAHmbIFmw2W3KHKasVnUJG2MKH16VjvLw__L9SRQleveJKN1z9VtQkG5QS3egP9AzA7MoEuypnK1jw__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__aUSIons1JLpznAkAWe4wYFCe4_fmTTJTOhtdC4xIAuM__HAl4ITsYWBEO7VRahEwWwi88zkLUBwPm3j4nnx8DeS0__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__DJVWsB9CJVs_1IGdy-_cGuq4r6SVVaWbEnbS1U2p6y4__7g40UeM74r8hkrzDC6Hbb7RReIGNu-Jsb5XAbAPKIeA__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__ZDvn-N8wxxyBR7KgfbRzIHM0mGwT9doN0fs3f10b_Go__b98SsVi1Bn9KY5Ur3SIgLXOvEMppxbzl1YiFYp9d4Lw__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__dn-cpI1YtkU_iLHgA5WhlkxgYWyat_IxjF_B-WSYrpE__Ta9eNt7PPGHCfsyTneXg1ooQkRjbMt18zHVfHQYMDns__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__ipUqqBUxEUOLXG_AXF5OCY1hi5eq8oz7Wu0QleOzxj4__-6ZHnf2EVvcL4izgd6S5myiQ-LuyKAuDqa-1hfKmAoI__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,</sites/default/files/advagg_css/css__as1Qb3bBVIiytfKtxVFsBrQ25MQuRab6KE-kByj9aRs__VWqgK-R9tpmll1UjyiJwdIN7kUzpass55cDgnIXOJbQ__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css>; rel=preload; as=style; style/css,<https://www.forcepoint.com/cyber-edu/malware>; rel="canonical",<https://www.forcepoint.com/node/26356>; rel="shortlink"
x-generator: Drupal 7 (http://drupal.org)
cache-control: public, max-age=21600
last-modified: Fri, 15 Nov 2019 00:03:13 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
content-encoding: gzip
x-request-id: v-5172ed3e-073b-11ea-b3c1-d729cc8ac0aa
x-ah-environment: prod
x-geo-country: NL
vary: Cookie,Accept-Encoding,X-Geo-Country
age: 0
via: varnish
x-cache: MISS
accept-ranges: bytes

GET
H2 200 css__YZMmyCjxADNsxWJVyzxskiYBiPsGboww8DDJoAv1iVA__PqGVjSeXe3e-YM4xspxCavDlyydtEB28TRpZPTEwV5I__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 6 KB
2 KB 182ms
178ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__YZMmyCjxADNsxWJVyzxskiYBiPsGboww8DDJoAv1iVA__PqGVjSeXe3e-YM4xspxCavDlyydtEB28TRpZPTEwV5I__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2b54ce972b3dc67894821f556fe623ca70d57910fe0b8ef654a9c231c24dad9f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14373
x-ah-environment: prod
content-length: 1889
x-request-id: v-b83e9d36-0661-11ea-ba93-034a6f68de92
last-modified: Wed, 30 Oct 2019 18:27:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__kz_uZc4Tlyxo59facBHncNkVy4NJwQLpz-nIjq_HCVc__LcEhHPgNonvT7us25GvMx6EXpJUz0Hb3ST9PncocRR8__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 14 KB
3 KB 183ms
179ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__kz_uZc4Tlyxo59facBHncNkVy4NJwQLpz-nIjq_HCVc__LcEhHPgNonvT7us25GvMx6EXpJUz0Hb3ST9PncocRR8__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e47c472a3e337cf1f82b63707331b54874a4f65eddabb8a3e35ac047e70bc36f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14511
x-ah-environment: prod
content-length: 2700
x-request-id: v-b83eed54-0661-11ea-a67c-8f0b18a98b8d
last-modified: Thu, 24 Oct 2019 15:40:09 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__tWSF450xkVX4bsruTY3Q24uBArmawP9rJGkug65UOsQ__V5_sYfoKn4-xBnBo7JvMckgf01VvgPdx3_h0TBFso9o__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 7 KB
2 KB 183ms
179ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__tWSF450xkVX4bsruTY3Q24uBArmawP9rJGkug65UOsQ__V5_sYfoKn4-xBnBo7JvMckgf01VvgPdx3_h0TBFso9o__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 0b2f93c4ca70057a13ff644be0aeb4a4c56a598c994c9e90d90d7845078b1d68

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15214
x-ah-environment: prod
content-length: 1728
x-request-id: v-b83f3ef8-0661-11ea-94c0-cb1ee23547e1
last-modified: Wed, 13 Nov 2019 18:32:23 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__QIsY78ejFUWd8_1WhPPUQqmlhBp10Tco4VOz-PcKrkI__B17CN2p8y9_5NI_q_duUIjYzJaZyaT1gKiLbRN3Cjsg__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 316 B
488 B 184ms
180ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__QIsY78ejFUWd8_1WhPPUQqmlhBp10Tco4VOz-PcKrkI__B17CN2p8y9_5NI_q_duUIjYzJaZyaT1gKiLbRN3Cjsg__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 19f42b5f8e49428651f2c67b5fd7ef8e841944cdc01bcee33f2225bee85b53f7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14274
x-ah-environment: prod
content-length: 159
x-request-id: v-b83fd69c-0661-11ea-b370-3bb8ef080c10
last-modified: Thu, 24 Oct 2019 15:40:09 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__MuoIiho4tXsD6GNyCC5loToVJ2DU7Ury3W9OL-q0MYI__Zd1Th3FyAzZMsKET3nZSYW5geMB7PSo5Gx_wJsdYz48__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 2 KB
953 B 184ms
180ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__MuoIiho4tXsD6GNyCC5loToVJ2DU7Ury3W9OL-q0MYI__Zd1Th3FyAzZMsKET3nZSYW5geMB7PSo5Gx_wJsdYz48__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 3efdb6f594f25fbecf4ca4c9267a0b483c6355a059845c837e45809639a059dc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14328
x-ah-environment: prod
content-length: 624
x-request-id: v-b83fe114-0661-11ea-909e-57dc22f495b9
last-modified: Thu, 24 Oct 2019 16:02:11 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__oBuCL3mJNnRwQIU3odN9AZ67ZQkWhbf5H7zBuRqQOoY__1xXgF9w1J7E85PG2oMg3pO8KhTVYhVIW66TnFU6Brfw__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 90 B
416 B 185ms
180ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__oBuCL3mJNnRwQIU3odN9AZ67ZQkWhbf5H7zBuRqQOoY__1xXgF9w1J7E85PG2oMg3pO8KhTVYhVIW66TnFU6Brfw__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f94e2ade1ac459cbd85602ea2cebbc6b8e04d022c302ac6941ddd6eb9739ea2c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14299
x-ah-environment: prod
content-length: 88
x-request-id: v-b840a8d8-0661-11ea-82dc-83166c304d80
last-modified: Thu, 24 Oct 2019 15:40:09 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__1fSxzz6SFz7_E8BEQYtnuJ5gEijUpegQR1oQdVJAq70__Stz4WYgnt_50r3Nf6oKDnYQmuy215rA3XQJG0uOKG00__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 285 B
499 B 347ms
343ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__1fSxzz6SFz7_E8BEQYtnuJ5gEijUpegQR1oQdVJAq70__Stz4WYgnt_50r3Nf6oKDnYQmuy215rA3XQJG0uOKG00__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f52bcb724efb50eccfad9fcc906faeea58c210b0966b19a63f058f26c40a9666

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14268
x-ah-environment: prod
content-length: 170
x-request-id: v-b840c912-0661-11ea-9097-d314767cc78f
last-modified: Thu, 24 Oct 2019 15:40:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__lTiqFezuPSTAHmbIFmw2W3KHKasVnUJG2MKH16VjvLw__L9SRQleveJKN1z9VtQkG5QS3egP9AzA7MoEuypnK1jw__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 2 KB
977 B 347ms
343ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__lTiqFezuPSTAHmbIFmw2W3KHKasVnUJG2MKH16VjvLw__L9SRQleveJKN1z9VtQkG5QS3egP9AzA7MoEuypnK1jw__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 75f0d54be8a1c4d80410662d0342a6caca0af4e3e6c383081d2475004587030a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15102
x-ah-environment: prod
content-length: 648
x-request-id: v-b840d1b4-0661-11ea-beda-13afee87ae68
last-modified: Thu, 24 Oct 2019 15:40:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__aUSIons1JLpznAkAWe4wYFCe4_fmTTJTOhtdC4xIAuM__HAl4ITsYWBEO7VRahEwWwi88zkLUBwPm3j4nnx8DeS0__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 454 B
549 B 323ms
319ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__aUSIons1JLpznAkAWe4wYFCe4_fmTTJTOhtdC4xIAuM__HAl4ITsYWBEO7VRahEwWwi88zkLUBwPm3j4nnx8DeS0__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: fe9132775150b13960723fdffd15ef8bb7f07d120787874114ac9e3d4f303f46

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14283
x-ah-environment: prod
content-length: 220
x-request-id: v-b840b8e6-0661-11ea-8af5-0f035ae80b17
last-modified: Thu, 24 Oct 2019 15:40:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__DJVWsB9CJVs_1IGdy-_cGuq4r6SVVaWbEnbS1U2p6y4__7g40UeM74r8hkrzDC6Hbb7RReIGNu-Jsb5XAbAPKIeA__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 502 B
579 B 184ms
180ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__DJVWsB9CJVs_1IGdy-_cGuq4r6SVVaWbEnbS1U2p6y4__7g40UeM74r8hkrzDC6Hbb7RReIGNu-Jsb5XAbAPKIeA__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b9c823db89be14289e3b0585970e3d91c3313ec9f82d13c9cb24d90820efc699

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14290
x-ah-environment: prod
content-length: 250
x-request-id: v-b840b580-0661-11ea-b1f4-47d83ccbefac
last-modified: Thu, 24 Oct 2019 15:40:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__ZDvn-N8wxxyBR7KgfbRzIHM0mGwT9doN0fs3f10b_Go__b98SsVi1Bn9KY5Ur3SIgLXOvEMppxbzl1YiFYp9d4Lw__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 128 B
447 B 347ms
344ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__ZDvn-N8wxxyBR7KgfbRzIHM0mGwT9doN0fs3f10b_Go__b98SsVi1Bn9KY5Ur3SIgLXOvEMppxbzl1YiFYp9d4Lw__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c712b85f4d57c41bb049c80303067da9790aa76b32a41b422174bd507695f444

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14292
x-ah-environment: prod
content-length: 118
x-request-id: v-b840c480-0661-11ea-956a-4b83b0adb50b
last-modified: Thu, 24 Oct 2019 15:40:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__dn-cpI1YtkU_iLHgA5WhlkxgYWyat_IxjF_B-WSYrpE__Ta9eNt7PPGHCfsyTneXg1ooQkRjbMt18zHVfHQYMDns__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 203 B
466 B 349ms
345ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__dn-cpI1YtkU_iLHgA5WhlkxgYWyat_IxjF_B-WSYrpE__Ta9eNt7PPGHCfsyTneXg1ooQkRjbMt18zHVfHQYMDns__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f66578f61dcd2d00bb8b7a0c5a7a02d39871c2e7c4615826c4e3a6a879a1a66b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14296
x-ah-environment: prod
content-length: 137
x-request-id: v-b840b120-0661-11ea-85a4-9b809a027d99
last-modified: Thu, 24 Oct 2019 15:40:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__ipUqqBUxEUOLXG_AXF5OCY1hi5eq8oz7Wu0QleOzxj4__-6ZHnf2EVvcL4izgd6S5myiQ-LuyKAuDqa-1hfKmAoI__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 99 B
429 B 347ms
344ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__ipUqqBUxEUOLXG_AXF5OCY1hi5eq8oz7Wu0QleOzxj4__-6ZHnf2EVvcL4izgd6S5myiQ-LuyKAuDqa-1hfKmAoI__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a0d9d290c9928affdd7f2816a574b367cbd6aca7ff1ba7b14b3391330d6f1995

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 13920
x-ah-environment: prod
content-length: 100
x-request-id: v-b840ac52-0661-11ea-bfb1-570b900ee394
last-modified: Thu, 24 Oct 2019 15:40:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__Fa-F7XdMmkbm_vfNidz-QFjzxYED_tEyLgIwx4ll_sQ__PTkhgKF23mslVQACF808cDWJNcqXgaJvWhlg6hPjekc__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 762 KB
91 KB 350ms
346ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__Fa-F7XdMmkbm_vfNidz-QFjzxYED_tEyLgIwx4ll_sQ__PTkhgKF23mslVQACF808cDWJNcqXgaJvWhlg6hPjekc__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 35a6940cbfb4bc9faa8aef5a40f404ab7314f0a2d921015aa4917bfde5aa92bc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15320
x-ah-environment: prod
content-length: 92695
x-request-id: v-b842a8cc-0661-11ea-83f4-779a9aa6b9f0
last-modified: Wed, 13 Nov 2019 21:06:26 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__9srhXc8R3jNkESZekG7crxuCCaz1wS4uiVjgvcbIy0U__COOKH8dr5IhONzRYWmNuLr8iJJlhJ7q8iLW17rFX024__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 96 B
419 B 350ms
347ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__9srhXc8R3jNkESZekG7crxuCCaz1wS4uiVjgvcbIy0U__COOKH8dr5IhONzRYWmNuLr8iJJlhJ7q8iLW17rFX024__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 7be499beaf9c4579007d3abc8f55f7a467f9325bab3d8bd54ede5762a907c85a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 14320
x-ah-environment: prod
content-length: 91
x-request-id: v-b842a3c2-0661-11ea-920c-ab4c29fe5545
last-modified: Thu, 24 Oct 2019 15:40:11 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__kwneJvCZ3wxZpoBz-5uwsXQ-72XOH72h0e3zA8XiyRY__cvzblFo7USbfmLGn_nS3znjEOkbPAGuT7gF0O8uwZYI__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 122 KB
14 KB 347ms
344ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__kwneJvCZ3wxZpoBz-5uwsXQ-72XOH72h0e3zA8XiyRY__cvzblFo7USbfmLGn_nS3znjEOkbPAGuT7gF0O8uwZYI__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 801f5f979a8d4cba5728424da246e1b23bea52d1a03080d78aca71c2ee9ae6f4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15264
x-ah-environment: prod
content-length: 14167
x-request-id: v-b841ebc6-0661-11ea-9f01-4b2e1b88d73f
last-modified: Wed, 13 Nov 2019 21:06:25 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 css__R2XUSgo0T03Bbr9FLNBS8FoL0IMP_ks82WfZctJRtH0__Sy_kN9vvA8VhVIze3v10CuvZJyg9FjB9C1NUBvVo3Ds__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 95 KB
38 KB 348ms
344ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__R2XUSgo0T03Bbr9FLNBS8FoL0IMP_ks82WfZctJRtH0__Sy_kN9vvA8VhVIze3v10CuvZJyg9FjB9C1NUBvVo3Ds__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c75ed0408e67a8a2853f8444487fb4688720eb60b2988983dbb2dfb059ce209f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15308
x-ah-environment: prod
content-length: 38077
x-request-id: v-b8425b10-0661-11ea-8f1b-3b2771dcb78c
last-modified: Wed, 13 Nov 2019 21:06:25 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 Nov 2019 21:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1132635
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Oct 2020 21:25:59 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/ 223 KB
59 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/jquery-ui.min.js

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

16089a42741acc5fd00ab17da92be9458e8f0029fd645f159e582a7ea0f52ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 31 Oct 2019 07:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1269789
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60637
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Oct 2020 07:20:05 GMT

GET
H2 200 jquery.stickybits.min.js Show response
cdnjs.cloudflare.com/ajax/libs/stickybits/3.6.7/ 5 KB
2 KB 45ms
17ms Script
application/javascript 2606:4700::6811:523b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/stickybits/3.6.7/jquery.stickybits.min.js

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:523b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bf02c9770b2f6cca2e8995e99c09c07ef6f970d78f11912f924056a3eaa44e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4241339
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Mon, 26 Aug 2019 19:45:56 GMT
server: cloudflare
etag: W/"5d6436f4-1372"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 535cf5ff8976cbb8-VIE
expires: Wed, 04 Nov 2020 00:03:14 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/ 1 KB
758 B 230ms
161ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.sync.js
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lab/4F62) /
Resource Hash: a94356ee10b5d03a75ee26811bc68de1a237003c2daf536d7e8c6c000199b0dc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:02:58 GMT
content-encoding: gzip
last-modified: Thu, 24 Oct 2019 18:57:57 GMT
server: ECAcc (lab/4F62)
etag: "3621429623"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 572
expires: Fri, 15 Nov 2019 00:08:14 GMT

GET
H2 200 modernizr-custom.js Show response
www.forcepoint.com/sites/all/libraries/modernizr/ 11 KB
5 KB 348ms
345ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/libraries/modernizr/modernizr-custom.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c0e0b9f64e6354a2677f8cc7b48c489b4fac6183a86dfedc0f52bb0cc17fce3a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 16092
x-ah-environment: prod
content-length: 4521
x-request-id: v-b841f184-0661-11ea-bb75-633b6b85ba43
last-modified: Mon, 29 Oct 2018 09:33:33 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 jquery-extend-3.4.0.js Show response
www.forcepoint.com/misc/ 3 KB
2 KB 347ms
344ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/misc/jquery-extend-3.4.0.js?v=1.11.2
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
x-geo-country: NL
age: 93073
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 1330
x-request-id: v-9df69cac-0662-11ea-9ddf-cbd92507442e
last-modified: Tue, 23 Apr 2019 20:48:29 GMT
server: nginx
vary: Accept-Encoding,X-Geo-Country
content-type: application/javascript
via: varnish
expires: Wed, 27 Nov 2019 22:12:01 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 665

GET
H2 200 jquery.once.js Show response
www.forcepoint.com/misc/ 3 KB
1 KB 348ms
345ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/misc/jquery.once.js?v=1.2
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
x-geo-country: NL
age: 93073
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 1066
x-request-id: v-9df6a7ce-0662-11ea-9ac1-837b8c24f370
last-modified: Thu, 09 Aug 2018 10:13:43 GMT
server: nginx
vary: Accept-Encoding,X-Geo-Country
content-type: application/javascript
via: varnish
expires: Wed, 27 Nov 2019 22:12:01 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 665

GET
H2 200 drupal.js Show response
www.forcepoint.com/misc/ 20 KB
7 KB 348ms
345ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/misc/drupal.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
x-geo-country: NL
age: 93073
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 6934
x-request-id: v-9df6bed0-0662-11ea-acee-1b240720dc43
last-modified: Mon, 29 Oct 2018 09:33:33 GMT
server: nginx
vary: Accept-Encoding,X-Geo-Country
content-type: application/javascript
via: varnish
expires: Wed, 27 Nov 2019 22:12:01 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 670

GET
H2 200 jquery.cookie.js Show response
www.forcepoint.com/sites/all/modules/contrib/jquery_update/replace/ui/external/ 4 KB
2 KB 348ms
346ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/contrib/jquery_update/replace/ui/external/jquery.cookie.js?v=67fb34f6a866c40d0570
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4ba03e57203ea578ec51f56d317a69cc2bb83af0933780683890fd9e046b66e5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
x-geo-country: NL
age: 93073
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 1343
x-request-id: v-9df6d1ea-0662-11ea-b3e8-cf50d9fe5856
last-modified: Thu, 09 Aug 2018 10:13:44 GMT
server: nginx
vary: Accept-Encoding,X-Geo-Country
content-type: application/javascript
via: varnish
expires: Wed, 27 Nov 2019 22:12:01 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 664

GET
H2 200 marketo_forms.js Show response
www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/ 11 KB
4 KB 348ms
346ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/marketo_forms.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b09a5170d0cf8dc6ce9ca11085832097831d972bdc0dfc03818aeb3fa52799ef

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 16026
x-ah-environment: prod
content-length: 3479
x-request-id: v-b8427a64-0661-11ea-9e3d-873f939bdf27
last-modified: Thu, 29 Aug 2019 15:22:44 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 marketo_forms.jquery.js Show response
www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/ 841 B
730 B 347ms
345ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/marketo_forms.jquery.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a3f4ccf800b795efc4590d993a7743a680f50669e46c19d9acac28ac1731fb6b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 16065
x-ah-environment: prod
content-length: 416
x-request-id: v-b841f3a0-0661-11ea-a951-3ff209e0405a
last-modified: Mon, 29 Oct 2018 09:33:33 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 picturefill.min.js Show response
www.forcepoint.com/sites/all/modules/contrib/picture/picturefill2/ 8 KB
4 KB 348ms
346ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/contrib/picture/picturefill2/picturefill.min.js?v=2.3.1
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 13be2fe24ef2f32d509d2e1b9a1d545043032200b70309d29b457352b4bdfc0b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
x-geo-country: NL
age: 93073
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 3247
x-request-id: v-9df72992-0662-11ea-b86f-879bde13adff
last-modified: Mon, 15 Jul 2019 22:57:48 GMT
server: nginx
vary: Accept-Encoding,X-Geo-Country
content-type: application/javascript
via: varnish
expires: Wed, 27 Nov 2019 22:12:01 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 664

GET
H2 200 picture.min.js Show response
www.forcepoint.com/sites/all/modules/contrib/picture/ 606 B
679 B 348ms
346ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/contrib/picture/picture.min.js?v=7.67
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 26e99e06771527b1910c77822cd645c9757fbeaddf94aba93a36d540f1a007bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
x-geo-country: NL
age: 93073
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 339
x-request-id: v-9df74832-0662-11ea-b0f5-83889e734e40
last-modified: Mon, 15 Jul 2019 22:57:58 GMT
server: nginx
vary: Accept-Encoding,X-Geo-Country
content-type: application/javascript
via: varnish
expires: Wed, 27 Nov 2019 22:12:01 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 665

GET
H2 200 forcepoint.svg
www.forcepoint.com/sites/all/themes/custom/forcepoint/img/logos/ 3 KB
4 KB 196ms
194ms Image
image/svg+xml 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/img/logos/forcepoint.svg
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 3227f6069098cdc37c2ead28fa22bca6c3522c82276e645294a49e27a8c64861

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
x-geo-country: NL
age: 93074
x-cache: HIT
status: 200
x-cache-hits: 663
x-ah-environment: prod
content-length: 3549
x-request-id: v-9df73d92-0662-11ea-84b0-0bc0cf5ef4a8
last-modified: Mon, 29 Oct 2018 09:33:33 GMT
server: nginx
vary: X-Geo-Country
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:12:01 GMT

GET
H2 200 css__as1Qb3bBVIiytfKtxVFsBrQ25MQuRab6KE-kByj9aRs__VWqgK-R9tpmll1UjyiJwdIN7kUzpass55cDgnIXOJbQ__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
www.forcepoint.com/sites/default/files/advagg_css/ 5 KB
2 KB 196ms
194ms Stylesheet
text/css 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_css/css__as1Qb3bBVIiytfKtxVFsBrQ25MQuRab6KE-kByj9aRs__VWqgK-R9tpmll1UjyiJwdIN7kUzpass55cDgnIXOJbQ__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e57e807ef29a98b3741fb18f2507ef74643c9fc265a139c278857fd9bbce1e93

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 13713
x-ah-environment: prod
content-length: 1634
x-request-id: v-b8bdfa36-0661-11ea-8d11-5735be21ae08
last-modified: Thu, 24 Oct 2019 15:40:11 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
expires: Wed, 11 Nov 2020 22:05:36 GMT

GET
H2 200 image_placeholder.gif
www.forcepoint.com/sites/all/modules/contrib/lazyloader/ 2 KB
2 KB 195ms
193ms Image
image/gif 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/all/modules/contrib/lazyloader/image_placeholder.gif
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 64755916bfcc7b6b2d39982af788b37ee5ea30c6763fac8f3248e9bb79184c43

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
expires: Wed, 27 Nov 2019 22:05:36 GMT
last-modified: Thu, 22 Aug 2019 22:40:04 GMT
server: nginx
age: 93458
x-cache: HIT
content-type: image/gif
status: 200
x-ah-environment: prod
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1887
x-request-id: v-b8be11b0-0661-11ea-a71b-4f059f6697ad
x-cache-hits: 11421

GET
H2 200 malware.jpg
www.forcepoint.com/sites/default/files/styles/node___cyber_edu___full___xlarge/public/ 30 KB
30 KB 212ms
210ms Image
image/jpeg 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/default/files/styles/node___cyber_edu___full___xlarge/public/malware.jpg?itok=lIS4rxhm&timestamp=1569534309
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: eeefff6bb825fa6fe1062bfbcbc6b2e4c61cf84ebd51e075d4d0177e0457388a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
x-geo-country: NL
age: 0
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 30388
x-request-id: v-526e8fd6-073b-11ea-a55a-a36fdcd86cca
last-modified: Thu, 26 Sep 2019 21:45:16 GMT
server: nginx
vary: X-Geo-Country
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 29 Nov 2019 00:03:15 GMT

GET
H2 200 fitara.jpg
www.forcepoint.com/sites/default/files/styles/node___cyber_edu___teaser___xlarge/public/ 9 KB
9 KB 196ms
193ms Image
image/jpeg 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/default/files/styles/node___cyber_edu___teaser___xlarge/public/fitara.jpg?itok=KHThSe8K&timestamp=1572546151
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5bc25d8dea40f0a08e4de55180ba479c266d0f8e22f5383fdd993674d50cafe8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
x-geo-country: NL
age: 78808
x-cache: HIT
status: 200
x-cache-hits: 14
x-ah-environment: prod
content-length: 9080
x-request-id: v-d4e52c62-0683-11ea-be8c-f33b008743d8
last-modified: Thu, 31 Oct 2019 18:49:37 GMT
server: nginx
vary: X-Geo-Country
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 28 Nov 2019 02:09:47 GMT

GET
H2 200 scada_security.jpg
www.forcepoint.com/sites/default/files/styles/node___cyber_edu___teaser___xlarge/public/ 7 KB
7 KB 196ms
194ms Image
image/jpeg 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/default/files/styles/node___cyber_edu___teaser___xlarge/public/scada_security.jpg?itok=GiaVZ7Yp&timestamp=1552731302
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e81f9fdae3a84ba97ae83d71ccdf89dbdb74c9a0dd0291c4ee7c9c6c4a9d0b4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
x-geo-country: NL
age: 78808
x-cache: HIT
status: 200
x-cache-hits: 14
x-ah-environment: prod
content-length: 6915
x-request-id: v-d4e51e8e-0683-11ea-a21f-2b4a5b92a1d9
last-modified: Wed, 30 Oct 2019 18:30:19 GMT
server: nginx
vary: X-Geo-Country
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 28 Nov 2019 02:09:47 GMT

GET
H2 200 byod_bring_your_own_device.jpg
www.forcepoint.com/sites/default/files/styles/node___cyber_edu___teaser___xlarge/public/ 14 KB
14 KB 197ms
195ms Image
image/jpeg 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/default/files/styles/node___cyber_edu___teaser___xlarge/public/byod_bring_your_own_device.jpg?itok=lfnIVT0R&timestamp=1552731302
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e7f4f6900a4b2038f5a91a7f6bbb754b7492187ffed2517bded7ce4d1c171526

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
x-geo-country: NL
age: 78808
x-cache: HIT
status: 200
x-cache-hits: 14
x-ah-environment: prod
content-length: 14454
x-request-id: v-d4e6adb2-0683-11ea-b847-2bb414283c64
last-modified: Wed, 09 Oct 2019 16:36:35 GMT
server: nginx
vary: X-Geo-Country
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 28 Nov 2019 02:09:47 GMT

GET
H2 200 jquery.waypoints.min.js Show response
www.forcepoint.com/sites/all/themes/custom/forcepoint/bower_components/waypoints/lib/ 9 KB
3 KB 179ms
179ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/bower_components/waypoints/lib/jquery.waypoints.min.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 16008
x-ah-environment: prod
content-length: 2698
x-request-id: v-b8617522-0661-11ea-a463-5f207c668d20
last-modified: Thu, 09 Aug 2018 10:13:44 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 aos.js Show response
www.forcepoint.com/sites/all/themes/custom/forcepoint/lib/ 14 KB
5 KB 179ms
178ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/lib/aos.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 16012
x-ah-environment: prod
content-length: 4503
x-request-id: v-b8b384fc-0661-11ea-bf31-67629b565ef0
last-modified: Wed, 09 Jan 2019 15:05:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 feature_ws_marketo_getclid.js Show response
www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/ 270 B
542 B 179ms
179ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/feature_ws_marketo_getclid.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 056a4e1b6dae094d40dc036f7c14bbf67bec689da69476fdcaf6fc88354c4a52

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15983
x-ah-environment: prod
content-length: 228
x-request-id: v-b8b414b2-0661-11ea-82d1-7f4f93850aa3
last-modified: Mon, 29 Oct 2018 09:33:33 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 jcaption.js Show response
www.forcepoint.com/sites/all/modules/contrib/jcaption/ 5 KB
2 KB 178ms
178ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/contrib/jcaption/jcaption.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 82c7f18b9049b338b5af65d908ef232f6dee011cec43993fe9f7fad1d90d9818

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 13763
x-ah-environment: prod
content-length: 1647
x-request-id: v-b8bd80e2-0661-11ea-940b-df11795a764f
last-modified: Fri, 22 Feb 2019 01:30:53 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 lazyloader.js Show response
www.forcepoint.com/sites/all/modules/contrib/lazyloader/ 2 KB
1 KB 182ms
178ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/contrib/lazyloader/lazyloader.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 653f4d93f336e81c3eabbc455507a83f6f6a3b47aa7aa7b974041c36d5b46ee2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 12821
x-ah-environment: prod
content-length: 849
x-request-id: v-b8bd70de-0661-11ea-9acc-2beca34ae902
last-modified: Thu, 22 Aug 2019 22:40:13 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 echo.min.js Show response
www.forcepoint.com/sites/all/libraries/echo/dist/ 2 KB
1 KB 183ms
179ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/libraries/echo/dist/echo.min.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 7d3366a840ad0fcdeea218285ae72c6a42b2305d2f78481a3c5a1d3341cf1d54

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 12835
x-ah-environment: prod
content-length: 870
x-request-id: v-b8beb322-0661-11ea-bdfa-87eaa792a62b
last-modified: Thu, 22 Aug 2019 22:40:04 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 https-ws.sharethis.com-button-buttons.js Show response
www.forcepoint.com/sites/default/files/advagg_relocate/ 55 KB
16 KB 183ms
180ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/default/files/advagg_relocate/https-ws.sharethis.com-button-buttons.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 011af481a6c21ebe9524e49d785ca76479a7f44c63e013848d2992cba4e12532

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 4217
x-ah-environment: prod
content-length: 15759
x-request-id: v-b8c314a8-0661-11ea-81d7-137f502534ee
last-modified: Thu, 19 Sep 2019 03:15:05 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 lang_dropdown.js Show response
www.forcepoint.com/sites/all/modules/contrib/lang_dropdown/ 3 KB
1 KB 183ms
180ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/contrib/lang_dropdown/lang_dropdown.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 02fd8218c0d1addb88c653b2f7211b8cd273312e59e6de51e5d2791627e7ef9d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15491
x-ah-environment: prod
content-length: 848
x-request-id: v-b8be8488-0661-11ea-8881-eb686235c282
last-modified: Mon, 29 Oct 2018 09:33:33 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 forms2.min.js Show response
www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/ 164 KB
56 KB 184ms
181ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/forms2.min.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 98652e23a4c0cfcf2cc7001adb4a1795d7f49e57e32298fefc1d8360277c568e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15891
x-ah-environment: prod
content-length: 57085
x-request-id: v-b8bd5c84-0661-11ea-8368-5ba0dae16414
last-modified: Thu, 09 Aug 2018 10:13:44 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 gdpr.js Show response
www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/behaviors/ 4 KB
2 KB 187ms
184ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/behaviors/gdpr.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 40e4dd489a6604c9784e4eed1bd68cb283b2f1a78ca0a4101d8bafa74d3f5cc6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15841
x-ah-environment: prod
content-length: 1574
x-request-id: v-b8bea2ec-0661-11ea-9aa4-9777bcb2ab6d
last-modified: Tue, 15 Jan 2019 20:59:18 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 honeypot.js Show response
www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/behaviors/ 552 B
631 B 187ms
184ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/behaviors/honeypot.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: ec81e4fbe5e2a0af8b2b9153151fb9fa08ad82253728dc1348d84de136d252a8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15911
x-ah-environment: prod
content-length: 317
x-request-id: v-b8bd8722-0661-11ea-ad32-ab6fc5b74e8f
last-modified: Tue, 23 Apr 2019 20:48:22 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 eu_compliance.js Show response
www.forcepoint.com/sites/all/modules/custom/fp_marketing_eu_compliance/js/ 1 KB
909 B 188ms
185ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/custom/fp_marketing_eu_compliance/js/eu_compliance.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: cd5edd165cd6a9eb738aac6c6a5c6ba56ed5b998388868894f7959aa86d50a7b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15942
x-ah-environment: prod
content-length: 595
x-request-id: v-b8bd86a0-0661-11ea-a7b3-4f70e58430c6
last-modified: Mon, 29 Oct 2018 09:33:33 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 sticky-sharethis.js Show response
www.forcepoint.com/sites/all/themes/custom/forcepoint/js/ 460 B
612 B 188ms
185ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/js/sticky-sharethis.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6b15bfca502a1fd835da1eaa33d575cf5c81570e6e2a63dd74dd924204615aa0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 4227
x-ah-environment: prod
content-length: 298
x-request-id: v-b8c464a2-0661-11ea-b7d8-dbb998d5bf03
last-modified: Thu, 26 Sep 2019 21:26:09 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 sticky-side.js Show response
www.forcepoint.com/sites/all/themes/custom/forcepoint/js/ 713 B
646 B 188ms
185ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/js/sticky-side.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 96069e32ede08e5dbb97d656859b3718534454c849900ecf1be017d326018154

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93427
x-cache: HIT
status: 200
x-cache-hits: 3689
x-ah-environment: prod
content-length: 333
x-request-id: v-cb4393f0-0661-11ea-8ae5-c79cf48021c0
last-modified: Wed, 09 Oct 2019 22:13:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:06:07 GMT

GET
H2 200 responsiveslides.js Show response
www.forcepoint.com/sites/all/modules/features/feature_ws_text/js/ 12 KB
3 KB 194ms
192ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_text/js/responsiveslides.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f9ecdd229eb669bbf201b6ac821b60037c354895760b25c320bdb746fdf5083d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15903
x-ah-environment: prod
content-length: 3172
x-request-id: v-b8bd8e02-0661-11ea-ba0e-ab2bbbb4c27f
last-modified: Mon, 29 Oct 2018 09:33:33 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 feature_ws_text.js Show response
www.forcepoint.com/sites/all/modules/features/feature_ws_text/js/ 4 KB
1 KB 200ms
198ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_text/js/feature_ws_text.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: d5ccf90219d8f1a0c0da3036c5cedb91be4599ea4ac8c06316eb37e17b66585b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15889
x-ah-environment: prod
content-length: 1100
x-request-id: v-b8bdba62-0661-11ea-bd2c-531526f6e2c6
last-modified: Thu, 09 Aug 2018 10:13:44 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 init_marketo_forms.js Show response
www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/ 922 B
779 B 196ms
193ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/init_marketo_forms.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a928c8a9bf6e998e13ed54d631a06032e11baa7f399905b88b4080ddd14a1e2b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15875
x-ah-environment: prod
content-length: 465
x-request-id: v-b8bda50e-0661-11ea-8f49-7b0291c75d55
last-modified: Mon, 29 Oct 2018 09:33:33 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H2 200 scripts.js Show response
www.forcepoint.com/sites/all/themes/custom/forcepoint/js/ 31 KB
8 KB 195ms
192ms Script
application/javascript 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/js/scripts.js?q0xf11
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f8189a76326254eb6e5dd385f91ef00a19cd87be410e5592bf8134df72d2121d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 93458
x-cache: HIT
status: 200
x-cache-hits: 15880
x-ah-environment: prod
content-length: 7939
x-request-id: v-b8bde50a-0661-11ea-8d0a-7b53473325f7
last-modified: Thu, 24 Oct 2019 15:36:57 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:05:36 GMT

GET
H/1.1

200
OK

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.forcepoint.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.forcepoint.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.forcepoint.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=www.forcepoint.com&pId=1492956508152457643

4 B
484 B

591ms
408ms

Image
image/jpeg

13.224.196.93
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=www.forcepoint.com&pId=1492956508152457643
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.93 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-93.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:03:16 GMT
Via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
x-amzn-RequestId: 27112ad8-3ca1-4665-854f-ec5d3349d04b
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
X-Amzn-Trace-Id: Root=1-5dcdeb44-79b1295bfa9df7a11c4c4498;Sampled=0
Connection: keep-alive
x-amz-apigw-id: DLGyrEKQoAMFYSQ=
Content-Length: 4
X-Amz-Cf-Id: X9JON93akpDqSGGfVPUe2Oce7_gAe4yJgyUAUK3Fv_05JAunL_YOKA==

Redirect headers

Pragma: no-cache
Date: Fri, 15 Nov 2019 00:03:17 GMT
X-Proxy-Origin: 89.39.105.174; 89.39.105.174; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.169:80
AN-X-Request-Uuid: c4ecd828-1f55-4045-9267-3921ea7673fe
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://attr.ml-api.io/?domain=www.forcepoint.com&pId=1492956508152457643
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pfr5ptw.css
use.typekit.net/ 7 KB
1 KB 85ms
31ms Stylesheet
text/css 104.111.215.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/pfr5ptw.css

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-215-74.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

630057f76d601d1a93b7a95d98b8e8c3f5ec25a11d26adb6d81f81ebf0ff2427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Fri, 15 Nov 2019 00:03:15 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 938

GET
H2 200 p.css
p.typekit.net/ 5 B
168 B 26ms
25ms Stylesheet
text/css 104.111.215.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=pfr5ptw&ht=tk&f=2028.40407.40408.40409.40410.40413.40414.40415.40416&a=16699651&app=typekit&e=css
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
last-modified: Mon, 21 Oct 2019 19:51:00 GMT
server: nginx
etag: "5dae0c24-5"
status: 200
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5
expires: Wed, 30 Oct 2019 04:50:36 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 22 KB
6 KB 75ms
25ms Script
application/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=371490&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&random=0.164310250327947
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: a1bd6a4c3dfee38b08fced2dae99560888b3450b6568f268479617385ee9c7d0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

status: 200
date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: gzip
server: fra1dacdn
content-type: application/javascript; charset=UTF-8

GET
H2 200 track-72d70682954d02ad4a07eb3e90eb3631.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 11 KB
4 KB 25ms
24ms Script
text/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/track-72d70682954d02ad4a07eb3e90eb3631.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=371490&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&random=0.164310250327947
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: 87d5dc85e9536d63ea6d84a684ec4c733edc12685130c0ab8776cba0322e7a21

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: br
last-modified: Thu, 14 Nov 2019 05:33:12 GMT
server: fra1dacdn
status: 200
etag: "5dcce718-dc3"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3523

GET
H2 200 opa-716a6f3c05175f763da4df8bc880da4c.js Show response
dev.visualwebsiteoptimizer.com/analysis/2.0/ 149 KB
42 KB 28ms
28ms Script
application/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/2.0/opa-716a6f3c05175f763da4df8bc880da4c.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=371490&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&random=0.164310250327947
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: a67734b167793dc0af9c839d6708d15f0d4d24892035f6ef40b2cb9afa129d5a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: br
last-modified: Thu, 14 Nov 2019 05:33:08 GMT
server: fra1dacdn
status: 200
etag: "5dcce714-a873"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43123

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
238 B 26ms
24ms Image
image/gif 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?a=371490&d=forcepoint.com&u=DA8D9DABF581F4D2B9D65550EBE358BD0&h=409fc1b1df2db40eb2b03aa5f8a11945&r=0.2871399072631633

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

94.57.7a9f.ip4.static.sl-reverse.com

Software

fra1dacdn /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Nov 2019 00:03:15 GMT
x-content-type-options: nosniff
server: fra1dacdn
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 122ms
41ms Script
text/javascript 13.224.197.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.sync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.121 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-121.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 14 Nov 2019 23:19:00 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
Age: 2656
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: gsigZ8IXZvIT4jvc10D7ip9lm49qzCVDu8uAgQ_kGwF0FsuCoqgZGQ==

GET
H2 200 vis_opt-72d70682954d02ad4a07eb3e90eb3631.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 185 KB
54 KB 25ms
24ms Script
text/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/vis_opt-72d70682954d02ad4a07eb3e90eb3631.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: e45c02063f0c560ad6a1d39fd69cc5ca4a48d9a1ae0111ecbb01e584dc76fc02

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 15 Nov 2019 00:03:14 GMT
content-encoding: br
last-modified: Thu, 14 Nov 2019 05:33:12 GMT
server: fra1dacdn
status: 200
etag: "5dcce718-d5fa"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 54778

GET
H2 200 worker-1acd6955248e984d8c16ea37afb8cbb7.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 45 KB
13 KB 64ms
21ms XHR
application/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-1acd6955248e984d8c16ea37afb8cbb7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/2.0/opa-716a6f3c05175f763da4df8bc880da4c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: 20b2920e1eb0e8988ec59f3a92c40e8269645b867ba778e15499297d0cc8f79c

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: br
last-modified: Thu, 14 Nov 2019 05:33:08 GMT
server: fra1dacdn
status: 200
etag: "5dcce714-3313"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13075

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/ 324 KB
95 KB 157ms
156ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lab/4EC4) /
Resource Hash: a4ab76e5a9fff70a6c624099464e32bc44a3cc9918708442d709bffcb246c498

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
last-modified: Thu, 24 Oct 2019 18:57:57 GMT
server: ECAcc (lab/4EC4)
etag: "462745073"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 97225
expires: Fri, 15 Nov 2019 00:08:15 GMT

GET
DATA 200
OK truncated
/ 560 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 890ed26cc0290a38c48a99ed4816b8237593d8748ee8b9f20e07849f91a28bb6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c73a603331a2aaef27ee7573b9a259e6b95da98a69ed77b158dc269b7cfab6d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 151 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89661b536520a60b10ed5faf2f6b3f72202ad6a48e46a3448ba95eccbae37f19

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 660 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de36a4355106fb331f976513b3090b8ec6586412309ee233a2bdc9f97f8f179e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 151 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a26a93fa4f6cd38fe9272c6a9bc2aa422b37810fa0bd6a483151348376ade1ed

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icon-anchor-arrow-blue.svg
www.forcepoint.com/sites/all/themes/custom/forcepoint/img/static-icons/ 655 B
960 B 191ms
190ms Image
image/svg+xml 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/img/static-icons/icon-anchor-arrow-blue.svg
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 423d93b5e3f5735f22d497170a618ca6180435b033bfc2ad9300d7b5b3819b8e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/sites/default/files/advagg_css/css__Fa-F7XdMmkbm_vfNidz-QFjzxYED_tEyLgIwx4ll_sQ__PTkhgKF23mslVQACF808cDWJNcqXgaJvWhlg6hPjekc__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
x-geo-country: NL
age: 93059
x-cache: HIT
status: 200
x-cache-hits: 632
x-ah-environment: prod
content-length: 655
x-request-id: v-a694aa34-0662-11ea-b03c-774686b482ad
last-modified: Thu, 14 Mar 2019 19:30:59 GMT
server: nginx
vary: X-Geo-Country
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Nov 2019 22:12:15 GMT

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f837fbdab0ba5ef7e52f8a48c9eae23dc8820a39e5c45f517442da89e46afcd5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 white-waves-w-backgroundwhite.svg
www.forcepoint.com/sites/all/themes/custom/forcepoint/img/backgrounds/ 9 KB
9 KB 189ms
189ms Image
image/svg+xml 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/img/backgrounds/white-waves-w-backgroundwhite.svg
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: bd49cec35e6c1fb7e1635ddddeb03935dd7e02515ae90ee66b520ae01e80a3e2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/sites/default/files/advagg_css/css__Fa-F7XdMmkbm_vfNidz-QFjzxYED_tEyLgIwx4ll_sQ__PTkhgKF23mslVQACF808cDWJNcqXgaJvWhlg6hPjekc__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
x-geo-country: NL
age: 78808
x-cache: HIT
status: 200
x-cache-hits: 19
x-ah-environment: prod
content-length: 9227
x-request-id: v-d4eca172-0683-11ea-8caa-4f4a8c7af3f6
last-modified: Mon, 11 Feb 2019 23:47:24 GMT
server: nginx
vary: X-Geo-Country
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 28 Nov 2019 02:09:47 GMT

GET
DATA 200
OK truncated
/ 558 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50606cd81d2ce35f5cc80eece3e09426c424a94f5f240fc7364d9eda5bf4b950

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 356 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833975c410d4a2f66aeaaa86477bcd7573b4fee50c677ed648cffc37896bae4d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3464a2f10d4f778b515eef96c079c165ea6bc1ff58b70fd0accdc6cc762fc23

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 light-cyan-curve.svg
www.forcepoint.com/sites/all/themes/custom/forcepoint/img/backgrounds/ 808 B
1 KB 189ms
189ms Image
image/svg+xml 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/img/backgrounds/light-cyan-curve.svg
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 07d2c2d4dd9d16e83abe315702d047a36fa215ceaecc2efd75de0a22ee1b3c7f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/sites/default/files/advagg_css/css__Fa-F7XdMmkbm_vfNidz-QFjzxYED_tEyLgIwx4ll_sQ__PTkhgKF23mslVQACF808cDWJNcqXgaJvWhlg6hPjekc__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
x-geo-country: NL
age: 78808
x-cache: HIT
status: 200
x-cache-hits: 19
x-ah-environment: prod
content-length: 808
x-request-id: v-d4ef9a58-0683-11ea-99cb-db75d63f4eb0
last-modified: Tue, 19 Mar 2019 21:10:23 GMT
server: nginx
vary: X-Geo-Country
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 28 Nov 2019 02:09:47 GMT

GET
DATA 200
OK truncated
/ 404 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b83d6d20535213572ffe076a75e720327f953bc0b1da87b1427a939c7349385

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6981f2c15569375be599eef829f1f6cfb1c82f12bf8d4a3a1bc21ef2671e22f8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bottom-upper-curve.svg
www.forcepoint.com/sites/all/themes/custom/forcepoint/img/backgrounds/ 198 B
502 B 188ms
188ms Image
image/svg+xml 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/img/backgrounds/bottom-upper-curve.svg
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 1bc631b8619af42059b75dee6c0e7f06ed78ea9d718cf265bbc7e46791236b13

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/sites/default/files/advagg_css/css__Fa-F7XdMmkbm_vfNidz-QFjzxYED_tEyLgIwx4ll_sQ__PTkhgKF23mslVQACF808cDWJNcqXgaJvWhlg6hPjekc__p_cNTklmXBgJ6hXdyTOOwbRHnv0FjFlSByOf01De_BQ.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
x-geo-country: NL
age: 78808
x-cache: HIT
status: 200
x-cache-hits: 19
x-ah-environment: prod
content-length: 198
x-request-id: v-d4f12a4e-0683-11ea-b5e6-1b331aa9c5d5
last-modified: Mon, 20 May 2019 13:19:05 GMT
server: nginx
vary: X-Geo-Country
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 28 Nov 2019 02:09:47 GMT

GET
DATA 200
OK truncated
/ 431 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 165ce8263ca664be948ad36d6dc751b06a81d6f63771fc13d6628c021bac4f08

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 688 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a4b4d9fcb03daf56eb9d0daf33f42111003ce893992009baea66c45a418264

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 l
use.typekit.net/af/5d1912/00000000000000003b9b257a/27/ 18 KB
19 KB 72ms
29ms Font
application/font-woff2 104.111.215.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d1912/00000000000000003b9b257a/27/l?primer=45f22a211fe517ce4cc2095c8ff30f796db9f5aae4a39b411b57ce60f2963cb5&fvd=n4&v=3
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7f5c821e9fd780ec5b3b15c4dc80b85fae52b830ea38685d21f8a46fa50972bd

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.typekit.net/pfr5ptw.css
Origin: https://www.forcepoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
server: nginx
etag: "f3d7a835c2d0419a3ff4402adcb1bd3718e8b0ba"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 18836

GET
H2 200 l
use.typekit.net/af/dea00e/00000000000000003b9b2580/27/ 19 KB
19 KB 87ms
44ms Font
application/font-woff2 104.111.215.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dea00e/00000000000000003b9b2580/27/l?primer=45f22a211fe517ce4cc2095c8ff30f796db9f5aae4a39b411b57ce60f2963cb5&fvd=n7&v=3
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e37f948152be3cb3ae0d95da84f8f29abbb0ddaaa29e99987e6978a417cd011c

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.typekit.net/pfr5ptw.css
Origin: https://www.forcepoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
server: nginx
etag: "226488b2ddd917aa6a2861516d613ca4b0958903"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19072

GET
H2 200 l
use.typekit.net/af/5e3d62/00000000000000003b9b257e/27/ 19 KB
19 KB 103ms
62ms Font
application/font-woff2 104.111.215.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5e3d62/00000000000000003b9b257e/27/l?primer=45f22a211fe517ce4cc2095c8ff30f796db9f5aae4a39b411b57ce60f2963cb5&fvd=n6&v=3
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 78bb5fbd98536862dba931de4bdf3185c8fa7270872bb7c1d880257cd586a385

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.typekit.net/pfr5ptw.css
Origin: https://www.forcepoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
server: nginx
etag: "86f61c57d03514409df176fb02df083d006cc821"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19028

GET
H2 200 l
use.typekit.net/af/d9dfc1/00000000000000003b9b2578/27/ 19 KB
19 KB 98ms
57ms Font
application/font-woff2 104.111.215.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d9dfc1/00000000000000003b9b2578/27/l?primer=45f22a211fe517ce4cc2095c8ff30f796db9f5aae4a39b411b57ce60f2963cb5&fvd=n3&v=3
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 44e017f352177fac2b343b0bed9e7c579ab3873f407d73113ba2123b98f00fe8

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.typekit.net/pfr5ptw.css
Origin: https://www.forcepoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
server: nginx
etag: "9c6775843d8c637f70a466173045e4c49cf9e723"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19040

GET
H2 200 l
use.typekit.net/af/53dec0/0000000000000000000100fe/27/ 18 KB
18 KB 84ms
43ms Font
application/font-woff2 104.111.215.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/53dec0/0000000000000000000100fe/27/l?primer=45f22a211fe517ce4cc2095c8ff30f796db9f5aae4a39b411b57ce60f2963cb5&fvd=n3&v=3
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: af82f815d8e13ce5a219c982662bc727bc22db0b4429883d7334522bddb69cc9

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.typekit.net/pfr5ptw.css
Origin: https://www.forcepoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
server: nginx
etag: "c08e4a570d645eadc3d6cac7e4e5d2f906e8f80e"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 18268

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 24ms
6ms Script
application/javascript 2600:9000:21f3:dc00:3:c04e:c780:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/sites/default/files/advagg_relocate/https-ws.sharethis.com-button-buttons.js?q0xf11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:dc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 764262648df23049f6c23fe89dc20106a96c4624412a8ad20ec54bb7bbae6c6e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 Nov 2019 03:07:31 GMT
content-encoding: gzip
server: nginx/1.12.2
age: 248150
etag: W/"5d9e5f50-162e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=259200
x-amz-cf-pop: FRA2-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: wv5VmNnSPmkrR_O4dVNC9h4SmJi36xjzY1HIq4bsO2Kj0O1C-L6KCw==
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
expires: Tue, 12 Nov 2019 03:07:24 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DC067C25245AFA80A490D4C%40AdobeOrg&d_nsid=0&ts=1573776195667
https://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DC067C25245AFA80A490D4C%40AdobeOrg&d_nsid=0&ts=1573776195667

370 B
1 KB

37ms
37ms

XHR
application/json

34.247.192.223
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DC067C25245AFA80A490D4C%40AdobeOrg&d_nsid=0&ts=1573776195667

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.192.223 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-192-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7512351622a88647c44b89197102fc8284443cad80b463ed5bd59d071ac883ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v054-02ea4d95e.edge-irl1.demdex.com 5.63.0.20191112162344 4ms (+2ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: GZP0HD7bRrM=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.forcepoint.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 306
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.forcepoint.com
X-TID: 4xvSq+wMS1c=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DC067C25245AFA80A490D4C%40AdobeOrg&d_nsid=0&ts=1573776195667
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 portal.html
c.sharethis.mgr.consensu.org/ Frame 02DD 0
0 23ms
6ms Document
text/html 2600:9000:20eb:4e00:c:a9b7:ddc0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal.html
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/sites/default/files/advagg_relocate/https-ws.sharethis.com-button-buttons.js?q0xf11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4e00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.forcepoint.com/cyber-edu/malware
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.forcepoint.com/cyber-edu/malware

Response headers

status: 200
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
last-modified: Wed, 13 Nov 2019 21:25:45 GMT
date: Thu, 14 Nov 2019 23:59:14 GMT
cache-control: max-age=600, public
etag: W/"361b-16e66a86fa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7r2P3Za4q-mP2p5lsreYSQriaaPkASWifDGBo2cKApHIjs6srdY2_A==
age: 243

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 7ms
6ms Stylesheet
text/css 2600:9000:21f3:dc00:3:c04e:c780:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:dc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 16:43:24 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 22:29:37 GMT
server: nginx/1.12.2
age: 26391
etag: "5d9e5f51-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA2-C2
x-robots-tag: noindex, nofollow
content-length: 3851
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-id: nf3aBtIeQyExzvTgDO_JLYKNgK141_xg5VcXRGhmm_vblBbkyPZ9ig==

GET /
www.forcepoint.com/en/ajax/eu-cookie-compliance/ 0
0

GET
DATA 200
OK truncated
/ 263 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc23a7b4a0ea0b90e90908df04bda3ba40b0e8d7a394c06f6bcdf68e8d59ca81

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 403 getForm
app-abm.marketo.com/index.php/form/ 0
0 245ms
37ms Script
text/html 104.16.94.80
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://app-abm.marketo.com/index.php/form/getForm?munchkinId=018-NKF-008&form=1405&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&callback=jQuery11020050519581461374585_1573776195674&_=1573776195675
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/sites/all/modules/features/feature_ws_marketo/js/forms2.min.js?q0xf11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.94.80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 loading.gif
www.forcepoint.com/sites/all/themes/custom/forcepoint/img/ 79 KB
79 KB 179ms
178ms Image
image/gif 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forcepoint.com/sites/all/themes/custom/forcepoint/img/loading.gif
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-191-140-180.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 75c51258ee43a5b453c526eba47df808bef09ce59136344ef039d33139240f43

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
via: varnish
expires: Wed, 27 Nov 2019 22:05:37 GMT
last-modified: Thu, 22 Aug 2019 22:40:13 GMT
server: nginx
age: 93458
x-cache: HIT
content-type: image/gif
status: 200
x-ah-environment: prod
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 80522
x-request-id: v-b901b26c-0661-11ea-a359-ffefc27ed629
x-cache-hits: 10481

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5378
date: Thu, 14 Nov 2019 22:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 15 Nov 2019 00:33:37 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 68ms
22ms Script
application/x-javascript 184.31.84.223
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.223 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-84-223.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f97341de4415531cb15d7472b1a00e875c1ad9b5541fd7e9f8ef5905f2a02092

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:03:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Oct 2019 16:30:39 GMT
Server: Apache
ETag: "521a36d038605fd35c0785cc62e39b0e:1572021039"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 766

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:03:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=23622
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 / Show response
6634a5cdf59e4bb3a8f70dcd111da346.js.ubembed.com/ 481 B
753 B 81ms
21ms Script
application/json 151.101.13.131
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://6634a5cdf59e4bb3a8f70dcd111da346.js.ubembed.com/
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.131 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: acabbd6a130811880b5350a7d0f00a853bed85d12b3ae22de1a6c8a3a4180340

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 4193
x-amz-apigw-id: DK8jgFAjjoEFocA=
etag: 66239989a1923b65dedc2181e2267b4a-v0.177.0
vary: Accept-Encoding
x-cache: Miss from cloudfront, HIT
content-type: application/json
status: 200
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA6-C1
accept-ranges: none
access-control-allow-origin: *

GET
H2 200 bt3rzfauhdaf.js Show response
js.driftt.com/include/1573776300000/ 135 KB
44 KB 192ms
132ms Script
application/javascript 143.204.101.129
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1573776300000/bt3rzfauhdaf.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-101-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

54c4b4c8cfaad2a095219121aaa89a55c8a7657d0203f2e45b7c90f2a1ec3a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 14 Nov 2019 22:04:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L9S3D_4a_uN-CUt7BaEY2ElZIAoKFSpQe9-lOIDdcU5MLcvCV5YjIg==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

76ms
25ms

Script
application/javascript

151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
age: 56978
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19132-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1573776196.880625,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

Redirect headers

Access-Control-Allow-Origin: *
Date: Fri, 15 Nov 2019 00:03:15 GMT
Server: ECS (fcn/40E8)
Content-Length: 0
Location: https://static.ads-twitter.com/oct.js
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801634614

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d065f1aadbe98a14f19b0c982f102f11cd32f76298ae629bcf53004b435c6433

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27627
x-xss-protection: 0
expires: Fri, 15 Nov 2019 00:03:15 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
116 B 22ms
22ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=websense/forcepoint-2018/201910241857&cb=1573776195791
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lha/8CA3) /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
last-modified: Thu, 14 Apr 2016 16:59:33 GMT
server: ECAcc (lha/8CA3)
etag: "2243872957"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 15 Nov 2019 00:13:15 GMT

GET
H/1.1 200
OK Cookie set dest5.html
websenseinc.demdex.net/ Frame EF09 0
0 154ms
34ms Document
text/html 52.213.115.189
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://websenseinc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.115.189 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-213-115-189.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: websenseinc.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.forcepoint.com/cyber-edu/malware
Accept-Encoding: gzip, deflate, br
Cookie: demdex=19169922926704231354484475181911398133
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.forcepoint.com/cyber-edu/malware

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 14 Nov 2019 14:03:35 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=19169922926704231354484475181911398133;Path=/;Domain=.demdex.net;Expires=Wed, 13-May-2020 00:03:15 GMT;Max-Age=15552000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: MKH6GYpOQr8=
Content-Length: 2764
Connection: keep-alive

GET
H2 200 id Show response
analyticsssl.forcepoint.com/ 49 B
475 B 255ms
30ms XHR
application/x-javascript 15.188.31.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://analyticsssl.forcepoint.com/id?d_visid_ver=4.1.0&d_fieldgroup=A&mcorgid=8DC067C25245AFA80A490D4C%40AdobeOrg&mid=11858988113554787043806562658485578778&ts=1573776195804

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.31.119 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-15-188-31-119.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a409f44b38d2cd28cfc6f4ccb9d592e838e82ab611c86daa03d8a96b47814d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Fri, 15 Nov 2019 00:03:15 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5fc496b8d4-jvjg2
vary: Origin
x-c: master-1061.Iecc33a.M0-311
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.forcepoint.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript
content-length: 49
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Xc3rQwAAFQaAizx0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=19169922926704231354484475181911398133
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xc3rQwAAFQaAizx0

42 B
873 B

39ms
38ms

Image
image/gif

34.247.192.223
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xc3rQwAAFQaAizx0

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.192.223 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-192-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v054-08c4cf37a.edge-irl1.demdex.com 5.63.0.20191112162344 1ms (+6ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 1XYzNUb9Qjw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 15 Nov 2019 00:03:15 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xc3rQwAAFQaAizx0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
928 B 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 23:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2874
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Fri, 15 Nov 2019 00:15:21 GMT

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=1724677-16e6c5f003d-121e7f89-1&sessionID=1573776195647.97457&hostname=www.forcepoint.com&location=%2Fcyber-edu%2Fmalware&pro...
https://l.sharethis.com/sc?cm=ZGYAA13N60MAAAASQKaaAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware%23sthash.2OMrldYZ&sop=false

51 B
509 B

27ms
27ms

XHR
text/plain

3.120.46.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=ZGYAA13N60MAAAASQKaaAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware%23sthash.2OMrldYZ&sop=false
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.46.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-46-255.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 10979d0bf76262c125b3559c66208504c91bea31e247b46e6796ee32cd1660db

Request headers

Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:03:15 GMT
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.forcepoint.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 51
Stid: ZGYAA13N60MAAAASQKaaAw==

Redirect headers

Date: Fri, 15 Nov 2019 00:03:15 GMT
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.forcepoint.com
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?cm=ZGYAA13N60MAAAASQKaaAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware%23sthash.2OMrldYZ&sop=false
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 178
Stid: ZGYAA13N60MAAAASQKaaAw==

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=258729&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&time=1573776195823
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D258729%26url%3Dhttps%253A%252F%252Fwww.forcepoint.com%252Fcyber-edu%252Fmalware%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=258729&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&time=1573776195823&liSync=true

0
111 B

107ms
106ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=258729&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&time=1573776195823&liSync=true
Requested by: Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:16 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 20
x-li-uuid: TYzgtBwt1xXwMBCGcysAAA==

Redirect headers

date: Fri, 15 Nov 2019 00:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
status: 302
vary: Accept-Encoding
content-length: 20
x-li-uuid: DUPSrhwt1xXAqsPh+CoAAA==
server: Play
pragma: no-cache
x-li-pop: prod-tln1
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=258729&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&time=1573776195823&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 75ms
32ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801634614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

81b97093e0bb57e2b59a6c6e470b5f8bf7930af86286c9b0a30d0dc6ebc5c63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9564
x-xss-protection: 0
server: cafe
etag: 16181230036510713323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Nov 2019 00:03:15 GMT

GET
H2

200

activityi;dc_pre=COzq9Zj16uUCFYiAgwcdlacFvg;src=9563368;type=force0;cat=force0;ord=9063171668155;gtm=2oaav3;auiddc=973648885.1573776196;u1=016e6c5f00450041fb1837bd79c000079002c07100b08;~oref=https%...
9563368.fls.doubleclick.net/ Frame C7D6
Redirect Chain

https://9563368.fls.doubleclick.net/activityi;src=9563368;type=force0;cat=force0;ord=9063171668155;gtm=2oaav3;auiddc=973648885.1573776196;u1=016e6c5f00450041fb1837bd79c000079002c07100b08;~oref=http...
https://9563368.fls.doubleclick.net/activityi;dc_pre=COzq9Zj16uUCFYiAgwcdlacFvg;src=9563368;type=force0;cat=force0;ord=9063171668155;gtm=2oaav3;auiddc=973648885.1573776196;u1=016e6c5f00450041fb1837...

0
0

34ms
34ms

Document
text/html

172.217.21.230
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://9563368.fls.doubleclick.net/activityi;dc_pre=COzq9Zj16uUCFYiAgwcdlacFvg;src=9563368;type=force0;cat=force0;ord=9063171668155;gtm=2oaav3;auiddc=973648885.1573776196;u1=016e6c5f00450041fb1837bd79c000079002c07100b08;~oref=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801634614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9563368.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COzq9Zj16uUCFYiAgwcdlacFvg;src=9563368;type=force0;cat=force0;ord=9063171668155;gtm=2oaav3;auiddc=973648885.1573776196;u1=016e6c5f00450041fb1837bd79c000079002c07100b08;~oref=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.forcepoint.com/cyber-edu/malware
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.forcepoint.com/cyber-edu/malware

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 15 Nov 2019 00:03:15 GMT
expires: Fri, 15 Nov 2019 00:03:15 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 374
x-xss-protection: 0
set-cookie: IDE=AHWqTUl46vS07MSyw3VMn4E61obpIVJnOo3iv9USJpiUg_Hw-pa_IcuzMrTgcUlV; expires=Wed, 09-Dec-2020 00:03:15 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 15 Nov 2019 00:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9563368.fls.doubleclick.net/activityi;dc_pre=COzq9Zj16uUCFYiAgwcdlacFvg;src=9563368;type=force0;cat=force0;ord=9063171668155;gtm=2oaav3;auiddc=973648885.1573776196;u1=016e6c5f00450041fb1837bd79c000079002c07100b08;~oref=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 15-Nov-2019 00:18:15 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=989079858&t=pageview&_s=1&dl=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&ul=en-us&de=UTF-8&dt=What%20is%20Malware%3F%20Defined%2C%20Explained%2C%20and%20Explored%20%7C%20Forcepoint&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAgAAj~&jid=1580679210&gjid=1774169992&cid=894132799.1573776196&tid=UA-72298027-1&_gid=385663644.1573776196&z=946313559

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Oct 2019 15:54:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1238913
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-72298027-1&cid=894132799.1573776196&jid=1580679210&gjid=1774169992&_gid=385663644.1573776196&_u=KGBAgAAj~&z=1710056612
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72298027-1&cid=894132799.1573776196&jid=1580679210&_v=j79&z=1710056612

0
0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/155/ 9 KB
4 KB 23ms
23ms Script
application/x-javascript 184.31.84.223
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/155/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.223 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-84-223.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:03:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 03:18:20 GMT
Server: Apache
ETag: "c67dad42946949112916578f78706df8:1543547900"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3923
Expires: Sun, 23 Feb 2020 00:03:15 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.177.0/ 162 KB
46 KB 107ms
42ms Script
application/javascript 13.224.196.58
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.177.0/bundle.js
Requested by: Host: 6634a5cdf59e4bb3a8f70dcd111da346.js.ubembed.com
URL: https://6634a5cdf59e4bb3a8f70dcd111da346.js.ubembed.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.58 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-58.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de502b0503ebafcb2e8a7a7eea68518767d9044d13d7e4459727198b475bd04f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 21:22:07 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2019 00:00:46 GMT
server: AmazonS3
age: 1824069
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: o4QrpkokA9yDnrQsG5DgxXp7EUvHHM2QBN2M9cxW-RxQMpmaFRAS5w==
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)

GET
H/1.1 200
OK visitWebPage Show response
018-nkf-008.mktoresp.com/webevents/ 2 B
303 B 554ms
99ms XHR
text/plain 192.28.144.124
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://018-nkf-008.mktoresp.com/webevents/visitWebPage?_mchNc=1573776195885&_mchCn=&_mchId=018-NKF-008&_mchTk=_mch-forcepoint.com-1573776195884-35904&_mchHo=www.forcepoint.com&_mchPo=&_mchRu=%2Fcyber-edu%2Fmalware&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/155/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 15 Nov 2019 00:03:16 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: 1acaca0d-dba4-443a-9ee6-42324ca42224
Content-Type: text/plain; charset=UTF-8

POST
H2 200 csp-report
www.forcepoint.com/admin/config/system/seckit/ 0
3 KB 250ms
249ms Other
text/html 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.forcepoint.com/admin/config/system/seckit/csp-report

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-191-140-180.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' .fonts.net .licdn.com .tiqcdn.com .marketo.com .marketo.net .mktoresp.com .demdex.net .burly.io .llnwd.net .tealiumiq.com .googleadservices.com .marinsm.com .amazonaws.com .quantserve.com .facebook.net .serving-sys.com .google-analytics.com .hirebridge.com .websense.com .bizographics.com .linkedin.com .cloudfront.net .newrelic.com .nr-data.net .adnxs.com .demandbase.com .twitter.com .omtrdc.net .youtube.com static.ads-twitter.com .company-target.com .omniture.com .doubleclick.net .forcepoint.com .google.com .facebook.com .getsmartcontent.com .vidyard.com .adroll.com s.ml-attr.com attr.ml-api.io .driftt.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .gstatic.com .libsyn.com .cdnbasket.net ids.cdnwidget.com app.vwo.com .visualwebsiteoptimizer.com use.typekit.net p.typekit.net cdn.vwo-analytics.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .sharethis.mgr.consensu.org; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' pixel.cdnwidget.com .tealiumiq.com .google.com .googleadservices.com .doubleclick.net .websense.com .marinsm.com .facebook.com .quantserve.com .google-analytics.com .w55c.net .marketo.com .iasds01.com .linkedin.com .cloudfront.net .forcepoint.com .adnxs.com .twitter.com t.co .omtrdc.net tags.w55c.net .demandbase.com .company-target.com maps.gstatic.com tags.tiqcdn.com munchkin.marketo.net .newrelic.com connect.facebook.net static.ads-twitter.com a.burly.io sjs.bizographics.com bam.nr-data.net snap.licdn.com .getsmartcontent.com .adroll.com .vidyard.com s.ml-attr.com attr.ml-api.io ml314.com .ml314.com .bing.com .driftt.com .crazyegg.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .googletagmanager.com .visualwebsiteoptimizer.com app.vwo.com .js.ubembed.com assets.ubembed.com cdn.vwo-analytics.com .s3.amazonaws.com s3.amazonaws.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .clearbit.com .googleapis.com .cloudflare.com; img-src 'self' data: pixel.advertising.com .forcepoint.com .marinsm.com .google-analytics.com s.ml-attr.com .doubleclick.net .facebook.com .adroll.com .yahoo.com .google.com .getsmartcontent.com .pubmatic.com .adnxs.com t.co attr.ml-api.io pixel.rubiconproject.com trc.taboola.com sync.outbrain.com .casalemedia.com idsync.rlcdn.com .bidswitch.net us-u.openx.net bsw.digitru.st ps.eyeota.net match.adsrvr.org sync-tm.everesttech.net dmp.adform.net i.w55c.net d.turn.com tags.w55c.net sync.tidaltv.com sync.mathtag.com in.v12group.com sync.adap.tv eyeota-sync.dotomi.com p.rfihub.com .demdex.net .tealiumiq.com .vidyard.com .bing.com s3.amazonaws.com .s3.amazonaws.com .driftt.com eb2.3lift.com .gartner.com .liadm.com .krxd.net .pippio.com .amazon-adsystem.com .visualwebsiteoptimizer.com .cloudfront.net .cdnwidget.com tags.bluekai.com .adsymptotic.com cm.everesttech.net su.addthis.com lrpush.apxlv.com global.ib-ibi.com bcp.crwdcntrl.net analytics.twitter.com api.bizographics.com sync.placelocal.com segments.company-target.com pixel.tapad.com lrp.mxptint.net match.prod.bidr.io p.univide.com rp.gwallet.com ds.reson8.com dmp.truoptik.com aa.agkn.com bs.serving-sys.com .entitytag.co.uk token.rubiconproject.com liveramp-eicm-global.dsp.io thrtle.com apolloprogram.io live.rzsync.com .youtube.com insight.adsrvr.org .crazyegg.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .linkedin.com .sharethis.com; connect-src 'self' app.vwo.com dpm.demdex.net websense.tt.omtrdc.net .mktoresp.com .cdnbasket.net ids.cdnwidget.com .forcepoint.com sample-api-v2.crazyegg.com .visualwebsiteoptimizer.com insight.adsrvr.org bam.nr-data.net .tealiumiq.com live-evercurrent-clone.pantheonsite.io .sharethis.com *.doubleclick.net; report-uri /admin/config/system/seckit/csp-report
Strict-Transport-Security	max-age=18410000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.forcepoint.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 15 Nov 2019 00:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-geo-country: NL
age: 0
x-cache: MISS
status: 200
from-origin: same, https://analyticsssl.forcepoint.com,https://vidyard.com
x-ah-environment: prod
vary: Accept-Encoding,X-Geo-Country
x-request-id: v-52afc5a0-073b-11ea-9e65-27c0584f63cc
server: nginx
x-frame-options: ALLOW-FROM https://www.forcepoint.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com
strict-transport-security: max-age=18410000
content-language: en
via: varnish
cache-control: no-cache, must-revalidate
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.fonts.net *.licdn.com *.tiqcdn.com *.marketo.com *.marketo.net *.mktoresp.com *.demdex.net *.burly.io *.llnwd.net *.tealiumiq.com *.googleadservices.com *.marinsm.com *.amazonaws.com *.quantserve.com *.facebook.net *.serving-sys.com *.google-analytics.com *.hirebridge.com *.websense.com *.bizographics.com *.linkedin.com *.cloudfront.net *.newrelic.com *.nr-data.net *.adnxs.com *.demandbase.com *.twitter.com *.omtrdc.net *.youtube.com static.ads-twitter.com *.company-target.com *.omniture.com *.doubleclick.net *.forcepoint.com *.google.com *.facebook.com *.getsmartcontent.com *.vidyard.com *.adroll.com s.ml-attr.com attr.ml-api.io *.driftt.com *.sharethis.com *.vimeo.com *.slideshare.net *.techvalidate.com *.gartner.com *.gstatic.com *.libsyn.com *.cdnbasket.net ids.cdnwidget.com app.vwo.com *.visualwebsiteoptimizer.com use.typekit.net p.typekit.net cdn.vwo-analytics.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.googleapis.com *.cloudflare.com *.sharethis.mgr.consensu.org; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' pixel.cdnwidget.com *.tealiumiq.com *.google.com *.googleadservices.com *.doubleclick.net *.websense.com *.marinsm.com *.facebook.com *.quantserve.com *.google-analytics.com *.w55c.net *.marketo.com *.iasds01.com *.linkedin.com *.cloudfront.net *.forcepoint.com *.adnxs.com *.twitter.com t.co *.omtrdc.net tags.w55c.net *.demandbase.com *.company-target.com maps.gstatic.com tags.tiqcdn.com munchkin.marketo.net *.newrelic.com connect.facebook.net static.ads-twitter.com a.burly.io sjs.bizographics.com bam.nr-data.net snap.licdn.com *.getsmartcontent.com *.adroll.com *.vidyard.com s.ml-attr.com attr.ml-api.io ml314.com *.ml314.com *.bing.com *.driftt.com *.crazyegg.com *.sharethis.com *.vimeo.com *.slideshare.net *.techvalidate.com *.gartner.com *.googletagmanager.com *.visualwebsiteoptimizer.com app.vwo.com *.js.ubembed.com assets.ubembed.com cdn.vwo-analytics.com *.s3.amazonaws.com s3.amazonaws.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.clearbit.com *.googleapis.com *.cloudflare.com; img-src 'self' data: pixel.advertising.com *.forcepoint.com *.marinsm.com *.google-analytics.com s.ml-attr.com *.doubleclick.net *.facebook.com *.adroll.com *.yahoo.com *.google.com *.getsmartcontent.com *.pubmatic.com *.adnxs.com t.co attr.ml-api.io pixel.rubiconproject.com trc.taboola.com sync.outbrain.com *.casalemedia.com idsync.rlcdn.com *.bidswitch.net us-u.openx.net bsw.digitru.st ps.eyeota.net match.adsrvr.org sync-tm.everesttech.net dmp.adform.net i.w55c.net d.turn.com tags.w55c.net sync.tidaltv.com sync.mathtag.com in.v12group.com sync.adap.tv eyeota-sync.dotomi.com p.rfihub.com *.demdex.net *.tealiumiq.com *.vidyard.com *.bing.com s3.amazonaws.com *.s3.amazonaws.com *.driftt.com eb2.3lift.com *.gartner.com *.liadm.com *.krxd.net *.pippio.com *.amazon-adsystem.com *.visualwebsiteoptimizer.com *.cloudfront.net *.cdnwidget.com tags.bluekai.com *.adsymptotic.com cm.everesttech.net su.addthis.com lrpush.apxlv.com global.ib-ibi.com bcp.crwdcntrl.net analytics.twitter.com api.bizographics.com sync.placelocal.com segments.company-target.com pixel.tapad.com lrp.mxptint.net match.prod.bidr.io p.univide.com rp.gwallet.com ds.reson8.com dmp.truoptik.com aa.agkn.com bs.serving-sys.com *.entitytag.co.uk token.rubiconproject.com liveramp-eicm-global.dsp.io thrtle.com apolloprogram.io live.rzsync.com *.youtube.com insight.adsrvr.org *.crazyegg.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.googleapis.com *.cloudflare.com *.linkedin.com *.sharethis.com; connect-src 'self' app.vwo.com dpm.demdex.net websense.tt.omtrdc.net *.mktoresp.com *.cdnbasket.net ids.cdnwidget.com *.forcepoint.com sample-api-v2.crazyegg.com *.visualwebsiteoptimizer.com insight.adsrvr.org bam.nr-data.net *.tealiumiq.com live-evercurrent-clone.pantheonsite.io *.sharethis.com *.doubleclick.net; report-uri /admin/config/system/seckit/csp-report
accept-ranges: bytes
content-type: text/html; charset=UTF-8
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 adsct
t.co/i/ 43 B
449 B 185ms
142ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l6a6s&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Fri, 15 Nov 2019 00:03:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9b3150e234225c4a3b21f7c675799935
x-transaction: 00dd90ed002d8bdf
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801634614/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801634614/?random=1573776195908&cv=9&fst=1573776195908&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaav3&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&tiba=What%20is%20Malware%3F%20Defined%2C%20Explained%2C%20and%20Explored%20%7C%20Forcepoint&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3f43092af27c8c824e6319fb3b08830040761387ebb63977467ccd3bd04a7bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Nov 2019 00:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 993
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/801634614/ 42 B
110 B 25ms
25ms Image
image/gif 2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801634614/?random=1573776195908&cv=9&fst=1573776000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaav3&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&tiba=What%20is%20Malware%3F%20Defined%2C%20Explained%2C%20and%20Explored%20%7C%20Forcepoint&async=1&fmt=3&is_vtc=1&random=3524317034&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Nov 2019 00:03:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
www.forcepoint.com/admin/config/system/seckit/ 0
3 KB 239ms
239ms Other
text/html 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.forcepoint.com/admin/config/system/seckit/csp-report

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-191-140-180.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' .fonts.net .licdn.com .tiqcdn.com .marketo.com .marketo.net .mktoresp.com .demdex.net .burly.io .llnwd.net .tealiumiq.com .googleadservices.com .marinsm.com .amazonaws.com .quantserve.com .facebook.net .serving-sys.com .google-analytics.com .hirebridge.com .websense.com .bizographics.com .linkedin.com .cloudfront.net .newrelic.com .nr-data.net .adnxs.com .demandbase.com .twitter.com .omtrdc.net .youtube.com static.ads-twitter.com .company-target.com .omniture.com .doubleclick.net .forcepoint.com .google.com .facebook.com .getsmartcontent.com .vidyard.com .adroll.com s.ml-attr.com attr.ml-api.io .driftt.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .gstatic.com .libsyn.com .cdnbasket.net ids.cdnwidget.com app.vwo.com .visualwebsiteoptimizer.com use.typekit.net p.typekit.net cdn.vwo-analytics.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .sharethis.mgr.consensu.org; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' pixel.cdnwidget.com .tealiumiq.com .google.com .googleadservices.com .doubleclick.net .websense.com .marinsm.com .facebook.com .quantserve.com .google-analytics.com .w55c.net .marketo.com .iasds01.com .linkedin.com .cloudfront.net .forcepoint.com .adnxs.com .twitter.com t.co .omtrdc.net tags.w55c.net .demandbase.com .company-target.com maps.gstatic.com tags.tiqcdn.com munchkin.marketo.net .newrelic.com connect.facebook.net static.ads-twitter.com a.burly.io sjs.bizographics.com bam.nr-data.net snap.licdn.com .getsmartcontent.com .adroll.com .vidyard.com s.ml-attr.com attr.ml-api.io ml314.com .ml314.com .bing.com .driftt.com .crazyegg.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .googletagmanager.com .visualwebsiteoptimizer.com app.vwo.com .js.ubembed.com assets.ubembed.com cdn.vwo-analytics.com .s3.amazonaws.com s3.amazonaws.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .clearbit.com .googleapis.com .cloudflare.com; img-src 'self' data: pixel.advertising.com .forcepoint.com .marinsm.com .google-analytics.com s.ml-attr.com .doubleclick.net .facebook.com .adroll.com .yahoo.com .google.com .getsmartcontent.com .pubmatic.com .adnxs.com t.co attr.ml-api.io pixel.rubiconproject.com trc.taboola.com sync.outbrain.com .casalemedia.com idsync.rlcdn.com .bidswitch.net us-u.openx.net bsw.digitru.st ps.eyeota.net match.adsrvr.org sync-tm.everesttech.net dmp.adform.net i.w55c.net d.turn.com tags.w55c.net sync.tidaltv.com sync.mathtag.com in.v12group.com sync.adap.tv eyeota-sync.dotomi.com p.rfihub.com .demdex.net .tealiumiq.com .vidyard.com .bing.com s3.amazonaws.com .s3.amazonaws.com .driftt.com eb2.3lift.com .gartner.com .liadm.com .krxd.net .pippio.com .amazon-adsystem.com .visualwebsiteoptimizer.com .cloudfront.net .cdnwidget.com tags.bluekai.com .adsymptotic.com cm.everesttech.net su.addthis.com lrpush.apxlv.com global.ib-ibi.com bcp.crwdcntrl.net analytics.twitter.com api.bizographics.com sync.placelocal.com segments.company-target.com pixel.tapad.com lrp.mxptint.net match.prod.bidr.io p.univide.com rp.gwallet.com ds.reson8.com dmp.truoptik.com aa.agkn.com bs.serving-sys.com .entitytag.co.uk token.rubiconproject.com liveramp-eicm-global.dsp.io thrtle.com apolloprogram.io live.rzsync.com .youtube.com insight.adsrvr.org .crazyegg.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .linkedin.com .sharethis.com; connect-src 'self' app.vwo.com dpm.demdex.net websense.tt.omtrdc.net .mktoresp.com .cdnbasket.net ids.cdnwidget.com .forcepoint.com sample-api-v2.crazyegg.com .visualwebsiteoptimizer.com insight.adsrvr.org bam.nr-data.net .tealiumiq.com live-evercurrent-clone.pantheonsite.io .sharethis.com *.doubleclick.net; report-uri /admin/config/system/seckit/csp-report
Strict-Transport-Security	max-age=18410000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.forcepoint.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 15 Nov 2019 00:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-geo-country: NL
age: 0
x-cache: MISS
status: 200
from-origin: same, https://analyticsssl.forcepoint.com,https://vidyard.com
x-ah-environment: prod
vary: Accept-Encoding,X-Geo-Country
content-length: 25
x-request-id: v-52b671ac-073b-11ea-af17-5f65c3ff708b
server: nginx
x-frame-options: ALLOW-FROM https://www.forcepoint.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com
strict-transport-security: max-age=18410000
content-language: en
via: varnish
cache-control: no-cache, must-revalidate
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.fonts.net *.licdn.com *.tiqcdn.com *.marketo.com *.marketo.net *.mktoresp.com *.demdex.net *.burly.io *.llnwd.net *.tealiumiq.com *.googleadservices.com *.marinsm.com *.amazonaws.com *.quantserve.com *.facebook.net *.serving-sys.com *.google-analytics.com *.hirebridge.com *.websense.com *.bizographics.com *.linkedin.com *.cloudfront.net *.newrelic.com *.nr-data.net *.adnxs.com *.demandbase.com *.twitter.com *.omtrdc.net *.youtube.com static.ads-twitter.com *.company-target.com *.omniture.com *.doubleclick.net *.forcepoint.com *.google.com *.facebook.com *.getsmartcontent.com *.vidyard.com *.adroll.com s.ml-attr.com attr.ml-api.io *.driftt.com *.sharethis.com *.vimeo.com *.slideshare.net *.techvalidate.com *.gartner.com *.gstatic.com *.libsyn.com *.cdnbasket.net ids.cdnwidget.com app.vwo.com *.visualwebsiteoptimizer.com use.typekit.net p.typekit.net cdn.vwo-analytics.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.googleapis.com *.cloudflare.com *.sharethis.mgr.consensu.org; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' pixel.cdnwidget.com *.tealiumiq.com *.google.com *.googleadservices.com *.doubleclick.net *.websense.com *.marinsm.com *.facebook.com *.quantserve.com *.google-analytics.com *.w55c.net *.marketo.com *.iasds01.com *.linkedin.com *.cloudfront.net *.forcepoint.com *.adnxs.com *.twitter.com t.co *.omtrdc.net tags.w55c.net *.demandbase.com *.company-target.com maps.gstatic.com tags.tiqcdn.com munchkin.marketo.net *.newrelic.com connect.facebook.net static.ads-twitter.com a.burly.io sjs.bizographics.com bam.nr-data.net snap.licdn.com *.getsmartcontent.com *.adroll.com *.vidyard.com s.ml-attr.com attr.ml-api.io ml314.com *.ml314.com *.bing.com *.driftt.com *.crazyegg.com *.sharethis.com *.vimeo.com *.slideshare.net *.techvalidate.com *.gartner.com *.googletagmanager.com *.visualwebsiteoptimizer.com app.vwo.com *.js.ubembed.com assets.ubembed.com cdn.vwo-analytics.com *.s3.amazonaws.com s3.amazonaws.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.clearbit.com *.googleapis.com *.cloudflare.com; img-src 'self' data: pixel.advertising.com *.forcepoint.com *.marinsm.com *.google-analytics.com s.ml-attr.com *.doubleclick.net *.facebook.com *.adroll.com *.yahoo.com *.google.com *.getsmartcontent.com *.pubmatic.com *.adnxs.com t.co attr.ml-api.io pixel.rubiconproject.com trc.taboola.com sync.outbrain.com *.casalemedia.com idsync.rlcdn.com *.bidswitch.net us-u.openx.net bsw.digitru.st ps.eyeota.net match.adsrvr.org sync-tm.everesttech.net dmp.adform.net i.w55c.net d.turn.com tags.w55c.net sync.tidaltv.com sync.mathtag.com in.v12group.com sync.adap.tv eyeota-sync.dotomi.com p.rfihub.com *.demdex.net *.tealiumiq.com *.vidyard.com *.bing.com s3.amazonaws.com *.s3.amazonaws.com *.driftt.com eb2.3lift.com *.gartner.com *.liadm.com *.krxd.net *.pippio.com *.amazon-adsystem.com *.visualwebsiteoptimizer.com *.cloudfront.net *.cdnwidget.com tags.bluekai.com *.adsymptotic.com cm.everesttech.net su.addthis.com lrpush.apxlv.com global.ib-ibi.com bcp.crwdcntrl.net analytics.twitter.com api.bizographics.com sync.placelocal.com segments.company-target.com pixel.tapad.com lrp.mxptint.net match.prod.bidr.io p.univide.com rp.gwallet.com ds.reson8.com dmp.truoptik.com aa.agkn.com bs.serving-sys.com *.entitytag.co.uk token.rubiconproject.com liveramp-eicm-global.dsp.io thrtle.com apolloprogram.io live.rzsync.com *.youtube.com insight.adsrvr.org *.crazyegg.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.googleapis.com *.cloudflare.com *.linkedin.com *.sharethis.com; connect-src 'self' app.vwo.com dpm.demdex.net websense.tt.omtrdc.net *.mktoresp.com *.cdnbasket.net ids.cdnwidget.com *.forcepoint.com sample-api-v2.crazyegg.com *.visualwebsiteoptimizer.com insight.adsrvr.org bam.nr-data.net *.tealiumiq.com live-evercurrent-clone.pantheonsite.io *.sharethis.com *.doubleclick.net; report-uri /admin/config/system/seckit/csp-report
accept-ranges: bytes
content-type: text/html; charset=UTF-8
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/801634614/ 0
0

POST
H2 200 csp-report
www.forcepoint.com/admin/config/system/seckit/ 0
3 KB 252ms
252ms Other
text/html 54.191.140.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.forcepoint.com/admin/config/system/seckit/csp-report

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.191.140.180 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-191-140-180.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' .fonts.net .licdn.com .tiqcdn.com .marketo.com .marketo.net .mktoresp.com .demdex.net .burly.io .llnwd.net .tealiumiq.com .googleadservices.com .marinsm.com .amazonaws.com .quantserve.com .facebook.net .serving-sys.com .google-analytics.com .hirebridge.com .websense.com .bizographics.com .linkedin.com .cloudfront.net .newrelic.com .nr-data.net .adnxs.com .demandbase.com .twitter.com .omtrdc.net .youtube.com static.ads-twitter.com .company-target.com .omniture.com .doubleclick.net .forcepoint.com .google.com .facebook.com .getsmartcontent.com .vidyard.com .adroll.com s.ml-attr.com attr.ml-api.io .driftt.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .gstatic.com .libsyn.com .cdnbasket.net ids.cdnwidget.com app.vwo.com .visualwebsiteoptimizer.com use.typekit.net p.typekit.net cdn.vwo-analytics.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .sharethis.mgr.consensu.org; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' pixel.cdnwidget.com .tealiumiq.com .google.com .googleadservices.com .doubleclick.net .websense.com .marinsm.com .facebook.com .quantserve.com .google-analytics.com .w55c.net .marketo.com .iasds01.com .linkedin.com .cloudfront.net .forcepoint.com .adnxs.com .twitter.com t.co .omtrdc.net tags.w55c.net .demandbase.com .company-target.com maps.gstatic.com tags.tiqcdn.com munchkin.marketo.net .newrelic.com connect.facebook.net static.ads-twitter.com a.burly.io sjs.bizographics.com bam.nr-data.net snap.licdn.com .getsmartcontent.com .adroll.com .vidyard.com s.ml-attr.com attr.ml-api.io ml314.com .ml314.com .bing.com .driftt.com .crazyegg.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .googletagmanager.com .visualwebsiteoptimizer.com app.vwo.com .js.ubembed.com assets.ubembed.com cdn.vwo-analytics.com .s3.amazonaws.com s3.amazonaws.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .clearbit.com .googleapis.com .cloudflare.com; img-src 'self' data: pixel.advertising.com .forcepoint.com .marinsm.com .google-analytics.com s.ml-attr.com .doubleclick.net .facebook.com .adroll.com .yahoo.com .google.com .getsmartcontent.com .pubmatic.com .adnxs.com t.co attr.ml-api.io pixel.rubiconproject.com trc.taboola.com sync.outbrain.com .casalemedia.com idsync.rlcdn.com .bidswitch.net us-u.openx.net bsw.digitru.st ps.eyeota.net match.adsrvr.org sync-tm.everesttech.net dmp.adform.net i.w55c.net d.turn.com tags.w55c.net sync.tidaltv.com sync.mathtag.com in.v12group.com sync.adap.tv eyeota-sync.dotomi.com p.rfihub.com .demdex.net .tealiumiq.com .vidyard.com .bing.com s3.amazonaws.com .s3.amazonaws.com .driftt.com eb2.3lift.com .gartner.com .liadm.com .krxd.net .pippio.com .amazon-adsystem.com .visualwebsiteoptimizer.com .cloudfront.net .cdnwidget.com tags.bluekai.com .adsymptotic.com cm.everesttech.net su.addthis.com lrpush.apxlv.com global.ib-ibi.com bcp.crwdcntrl.net analytics.twitter.com api.bizographics.com sync.placelocal.com segments.company-target.com pixel.tapad.com lrp.mxptint.net match.prod.bidr.io p.univide.com rp.gwallet.com ds.reson8.com dmp.truoptik.com aa.agkn.com bs.serving-sys.com .entitytag.co.uk token.rubiconproject.com liveramp-eicm-global.dsp.io thrtle.com apolloprogram.io live.rzsync.com .youtube.com insight.adsrvr.org .crazyegg.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .linkedin.com .sharethis.com; connect-src 'self' app.vwo.com dpm.demdex.net websense.tt.omtrdc.net .mktoresp.com .cdnbasket.net ids.cdnwidget.com .forcepoint.com sample-api-v2.crazyegg.com .visualwebsiteoptimizer.com insight.adsrvr.org bam.nr-data.net .tealiumiq.com live-evercurrent-clone.pantheonsite.io .sharethis.com *.doubleclick.net; report-uri /admin/config/system/seckit/csp-report
Strict-Transport-Security	max-age=18410000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.forcepoint.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 15 Nov 2019 00:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-geo-country: NL
age: 0
x-cache: MISS
status: 200
from-origin: same, https://analyticsssl.forcepoint.com,https://vidyard.com
x-ah-environment: prod
vary: Accept-Encoding,X-Geo-Country
content-length: 25
x-request-id: v-52b83622-073b-11ea-989c-fffc2f69ffae
server: nginx
x-frame-options: ALLOW-FROM https://www.forcepoint.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com
strict-transport-security: max-age=18410000
content-language: en
via: varnish
cache-control: no-cache, must-revalidate
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.fonts.net *.licdn.com *.tiqcdn.com *.marketo.com *.marketo.net *.mktoresp.com *.demdex.net *.burly.io *.llnwd.net *.tealiumiq.com *.googleadservices.com *.marinsm.com *.amazonaws.com *.quantserve.com *.facebook.net *.serving-sys.com *.google-analytics.com *.hirebridge.com *.websense.com *.bizographics.com *.linkedin.com *.cloudfront.net *.newrelic.com *.nr-data.net *.adnxs.com *.demandbase.com *.twitter.com *.omtrdc.net *.youtube.com static.ads-twitter.com *.company-target.com *.omniture.com *.doubleclick.net *.forcepoint.com *.google.com *.facebook.com *.getsmartcontent.com *.vidyard.com *.adroll.com s.ml-attr.com attr.ml-api.io *.driftt.com *.sharethis.com *.vimeo.com *.slideshare.net *.techvalidate.com *.gartner.com *.gstatic.com *.libsyn.com *.cdnbasket.net ids.cdnwidget.com app.vwo.com *.visualwebsiteoptimizer.com use.typekit.net p.typekit.net cdn.vwo-analytics.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.googleapis.com *.cloudflare.com *.sharethis.mgr.consensu.org; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' pixel.cdnwidget.com *.tealiumiq.com *.google.com *.googleadservices.com *.doubleclick.net *.websense.com *.marinsm.com *.facebook.com *.quantserve.com *.google-analytics.com *.w55c.net *.marketo.com *.iasds01.com *.linkedin.com *.cloudfront.net *.forcepoint.com *.adnxs.com *.twitter.com t.co *.omtrdc.net tags.w55c.net *.demandbase.com *.company-target.com maps.gstatic.com tags.tiqcdn.com munchkin.marketo.net *.newrelic.com connect.facebook.net static.ads-twitter.com a.burly.io sjs.bizographics.com bam.nr-data.net snap.licdn.com *.getsmartcontent.com *.adroll.com *.vidyard.com s.ml-attr.com attr.ml-api.io ml314.com *.ml314.com *.bing.com *.driftt.com *.crazyegg.com *.sharethis.com *.vimeo.com *.slideshare.net *.techvalidate.com *.gartner.com *.googletagmanager.com *.visualwebsiteoptimizer.com app.vwo.com *.js.ubembed.com assets.ubembed.com cdn.vwo-analytics.com *.s3.amazonaws.com s3.amazonaws.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.clearbit.com *.googleapis.com *.cloudflare.com; img-src 'self' data: pixel.advertising.com *.forcepoint.com *.marinsm.com *.google-analytics.com s.ml-attr.com *.doubleclick.net *.facebook.com *.adroll.com *.yahoo.com *.google.com *.getsmartcontent.com *.pubmatic.com *.adnxs.com t.co attr.ml-api.io pixel.rubiconproject.com trc.taboola.com sync.outbrain.com *.casalemedia.com idsync.rlcdn.com *.bidswitch.net us-u.openx.net bsw.digitru.st ps.eyeota.net match.adsrvr.org sync-tm.everesttech.net dmp.adform.net i.w55c.net d.turn.com tags.w55c.net sync.tidaltv.com sync.mathtag.com in.v12group.com sync.adap.tv eyeota-sync.dotomi.com p.rfihub.com *.demdex.net *.tealiumiq.com *.vidyard.com *.bing.com s3.amazonaws.com *.s3.amazonaws.com *.driftt.com eb2.3lift.com *.gartner.com *.liadm.com *.krxd.net *.pippio.com *.amazon-adsystem.com *.visualwebsiteoptimizer.com *.cloudfront.net *.cdnwidget.com tags.bluekai.com *.adsymptotic.com cm.everesttech.net su.addthis.com lrpush.apxlv.com global.ib-ibi.com bcp.crwdcntrl.net analytics.twitter.com api.bizographics.com sync.placelocal.com segments.company-target.com pixel.tapad.com lrp.mxptint.net match.prod.bidr.io p.univide.com rp.gwallet.com ds.reson8.com dmp.truoptik.com aa.agkn.com bs.serving-sys.com *.entitytag.co.uk token.rubiconproject.com liveramp-eicm-global.dsp.io thrtle.com apolloprogram.io live.rzsync.com *.youtube.com insight.adsrvr.org *.crazyegg.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com *.googleapis.com *.cloudflare.com *.linkedin.com *.sharethis.com; connect-src 'self' app.vwo.com dpm.demdex.net websense.tt.omtrdc.net *.mktoresp.com *.cdnbasket.net ids.cdnwidget.com *.forcepoint.com sample-api-v2.crazyegg.com *.visualwebsiteoptimizer.com insight.adsrvr.org bam.nr-data.net *.tealiumiq.com live-evercurrent-clone.pantheonsite.io *.sharethis.com *.doubleclick.net; report-uri /admin/config/system/seckit/csp-report
accept-ranges: bytes
content-type: text/html; charset=UTF-8
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET /
www.forcepoint.com/ajax/eu-cookie-compliance/ 0
0

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
1 KB 71ms
23ms Script
application/javascript 104.111.236.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?rnd=1573776195957&cid=c010&dmn=www.forcepoint.com

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/sites/default/files/advagg_relocate/https-ws.sharethis.com-button-buttons.js?q0xf11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.236.11 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-236-11.deploy.static.akamaitechnologies.com

Software

Resource Hash

4954b5d2ccd0484903a4124d3cb7002e5c3f2315ec4fdb7e660f537adb3b25b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:03:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 958
Expires: Fri, 15 Nov 2019 01:03:16 GMT

GET
H/1.1 200
OK t_.htm
t.sharethis.com/a/ Frame E379 0
0 25ms
24ms Document
text/html 104.111.236.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://t.sharethis.com/a/t_.htm?ver=0.317.15648&cid=c010
Requested by: Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?rnd=1573776195957&cid=c010&dmn=www.forcepoint.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.11 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-236-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: t.sharethis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.forcepoint.com/cyber-edu/malware
Accept-Encoding: gzip, deflate, br
Cookie: __stid=ZGYAA13N60MAAAASQKaaAw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.forcepoint.com/cyber-edu/malware

Response headers

Content-Length: 1084
Cache-Control: max-age=604800
Expires: Fri, 22 Nov 2019 00:03:16 GMT
Date: Fri, 15 Nov 2019 00:03:16 GMT
Connection: keep-alive
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H2 200 s06015415953874
analyticsssl.forcepoint.com/b/ss/websense-fp-prod/1/JS-2.12.0/ 43 B
222 B 32ms
31ms Image
image/gif 15.188.31.119
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analyticsssl.forcepoint.com/b/ss/websense-fp-prod/1/JS-2.12.0/s06015415953874?AQB=1&ndh=1&pf=1&t=15%2F10%2F2019%201%3A3%3A16%205%20-60&sdid=5217F807B593F02B-33401CA5B85FC4D3&mid=11858988113554787043806562658485578778&aamlh=6&ce=UTF-8&pageName=fp%3Aresources%3Acyber%20edu%3Amalware&g=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&cc=USD&ch=resources&server=www.forcepoint.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=cyber%20edu&v1=cyber%20edu&v2=resources&c3=resources%3Acyber%20edu&v3=resources%3Acyber%20edu&v4=D%3DpageName&v9=nl&v10=europe&v11=english&c15=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&v18=no%20value&c20=timing%20data%20not%20available&c21=2.12.0&c22=fp%3Aus%3Aresources%3Acyber%20edu%3Amalware&v47=D%3Dg&v50=D%3Dc15&v63=fp%3Aus%3Aresources%3Acyber%20edu%3Amalware&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8DC067C25245AFA80A490D4C%40AdobeOrg&AQE=1

Requested by

Host: www.forcepoint.com
URL: https://www.forcepoint.com/cyber-edu/malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.31.119 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-15-188-31-119.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:15 GMT
x-content-type-options: nosniff
x-c: master-1061.Iecc33a.M0-311
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 16 Nov 2019 00:03:16 GMT
server: jag
xserver: anedge-5fc496b8d4-fwn9d
etag: 3379658646606938112-4613739166903544816
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 14 Nov 2019 00:03:16 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
634 B 185ms
140ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l6a6s&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.forcepoint.com/cyber-edu/malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Fri, 15 Nov 2019 00:03:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 874c0d960c18d5f7fb16731240ecd31e
x-transaction: 00e216d000bc3be0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame 77DF 0
0 33ms
33ms Document
text/html 143.204.101.129
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1573776300000/bt3rzfauhdaf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-101-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.forcepoint.com/cyber-edu/malware
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.forcepoint.com/cyber-edu/malware

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 938
server: nginx
last-modified: Thu, 14 Nov 2019 22:04:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 15 Nov 2019 00:00:40 GMT
etag: "e4e399dd638bbc950217c67e638e0986"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: y_jSRsKzf0rjhVOeLZRBOThNWBbH_VXw8jVbDxSbo4Lx0kULVTUXAQ==

GET
H2 200 index.html
ws.sharethis.com/secure/ Frame FEDB 0
0 9ms
6ms Document
text/html 2600:9000:21f3:dc00:3:c04e:c780:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:dc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.forcepoint.com/cyber-edu/malware
accept-encoding: gzip, deflate, br
cookie: __stid=ZGYAA13N60MAAAASQKaaAw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.forcepoint.com/cyber-edu/malware

Response headers

status: 200
content-type: text/html
content-length: 2090
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 22:29:37 GMT
server: nginx/1.12.2
x-robots-tag: noindex, nofollow
date: Thu, 14 Nov 2019 01:20:38 GMT
etag: W/"5d9e5f51-1ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 99Pw4FSZppPCJ1T6JBXWxfM9I3-UsYB8pIsRWsoUhIWEXDUtfBTiCA==
age: 81758

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.forcepoint.com
URL: https://www.forcepoint.com/en/ajax/eu-cookie-compliance/

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72298027-1&cid=894132799.1573776196&jid=1580679210&_v=j79&z=1710056612

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72298027-1&cid=894132799.1573776196&jid=1580679210&_v=j79&z=1710056612&slf_rd=1&random=3383411974

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/801634614/?random=1573776195908&cv=9&fst=1573776000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaav3&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&tiba=What%20is%20Malware%3F%20Defined%2C%20Explained%2C%20and%20Explored%20%7C%20Forcepoint&async=1&fmt=3&is_vtc=1&random=3524317034&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: www.forcepoint.com
URL: http://www.forcepoint.com/ajax/eu-cookie-compliance/

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bluekai.com/	1970-01-19 09:28:48	Name: bkpa Value: KJhkMXWvyM91CoIZmlqgrZ8bsavxKH9aXSuUDg5Y0pjUNMO4lt0/i9r88Wd0dDAzcJCRqWVHfDReoRVIifhNE0C5xdMI4gCJ04Q8E6TuTlG8SiN4t1eXpY7NSaUfPdLHOxFQ9IsuoODZ6s9NKkQUSel63mCjPHx2YSXZ1bXAknmY1oa7s8nZ2UJe7qeAk2t+6n8jLU6py669BR0bfQybvaen8F4eCESChiZMwmozfb9D6PCZQgsY8KAqEv5jV9==
.bluekai.com/	1970-01-19 09:28:48	Name: bkdc Value: phx
.t.sharethis.com/	1970-01-19 05:19:40	Name: pxcelPage_c010 Value: 0_7_1573776196130
.sharethis.com/	1970-01-19 13:56:38	Name: __stid Value: ZGYAA13N60MAAAASQKaaAw==
.doubleclick.net/	1970-01-19 14:31:12	Name: IDE Value: AHWqTUl46vS07MSyw3VMn4E61obpIVJnOo3iv9USJpiUg_Hw-pa_IcuzMrTgcUlV
.demdex.net/	1970-01-19 09:28:48	Name: demdex Value: 19169922926704231354484475181911398133
.forcepoint.com/	1970-01-19 22:40:48	Name: s_ecid Value: MCMID%7C11858988113554787043806562658485578778
.forcepoint.com/	1969-12-31 23:59:59	Name: s_cc Value: true
www.forcepoint.com/	1970-01-19 22:42:14	Name: driftt_aid Value: 99eeb018-04fc-4869-9b7e-28d39c694d77
.forcepoint.com/	1969-12-31 23:59:59	Name: AMCVS_8DC067C25245AFA80A490D4C%40AdobeOrg Value: 1
.forcepoint.com/	1970-01-19 22:42:14	Name: AMCV_8DC067C25245AFA80A490D4C%40AdobeOrg Value: 281789898%7CMCIDTS%7C18216%7CMCMID%7C11858988113554787043806562658485578778%7CMCAAMLH-1574380995%7C6%7CMCAAMB-1574380995%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1573783396s%7CNONE%7CMCSYNCSOP%7C411-18223%7CMCAID%7CNONE%7CvVersion%7C4.1.0
.forcepoint.com/	1970-01-19 22:40:48	Name: _mkto_trk Value: id:018-NKF-008&token:_mch-forcepoint.com-1573776195884-35904
.forcepoint.com/	1970-01-19 05:09:37	Name: v18 Value: fp%3Aresources%3Acyber%20edu%3Amalware
.forcepoint.com/	1970-01-19 05:09:36	Name: _gat_tealium_0 Value: 1
.forcepoint.com/	1970-01-19 07:19:12	Name: _gcl_au Value: 1.1.973648885.1573776196
.forcepoint.com/	1970-01-19 05:11:02	Name: _gid Value: GA1.2.385663644.1573776196
.forcepoint.com/	1970-01-19 11:44:02	Name: __unam Value: 1724677-16e6c5f003d-121e7f89-2
.forcepoint.com/	1970-01-19 13:55:12	Name: utag_main Value: v_id:016e6c5f00450041fb1837bd79c000079002c07100b08$_sn:1$_ss:1$_st:1573777995657$ses_id:1573776195657%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:forcepoint.com
.forcepoint.com/	1970-01-19 07:19:12	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241573776194%3A12.79691771%3A%3A%3A4_0%2C3_0%3A0
.forcepoint.com/	1970-01-19 22:40:48	Name: _ga Value: GA1.2.894132799.1573776196
.bluekai.com/	1970-01-19 09:28:48	Name: bku Value: +rQ99WEgpPNz0hRX
www.forcepoint.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.forcepoint.com/	1970-01-19 05:09:37	Name: _vwo_sn Value: 0%3A1
.forcepoint.com/	1970-01-22 20:45:36	Name: _vwo_uuid Value: DA8D9DABF581F4D2B9D65550EBE358BD0
.forcepoint.com/	1970-01-19 07:33:36	Name: _vis_opt_s Value: 1%7C
.forcepoint.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.forcepoint.com/	1970-01-19 13:56:38	Name: _vwo_uuid_v2 Value: DA8D9DABF581F4D2B9D65550EBE358BD0\|409fc1b1df2db40eb2b03aa5f8a11945

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.sync.js(Line 2) Message: start VWO sync section
console-api	log	URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.sync.js(Line 5) Message: VWO load https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=371490&url=https%3A%2F%2Fwww.forcepoint.com%2Fcyber-edu%2Fmalware&random=0.164310250327947
console-api	log	URL: https://tags.tiqcdn.com/utag/websense/forcepoint-2018/prod/utag.sync.js(Line 9) Message: VWO loaded
console-api	log	URL: https://www.forcepoint.com/cyber-edu/malware(Line 140) Message: VWO load https://d5phz18u4wuww.cloudfront.net/vis_opt.js
console-api	log	URL: https://www.forcepoint.com/cyber-edu/malware(Line 140) Message: VWO top initialize
console-api	log	URL: https://www.forcepoint.com/cyber-edu/malware(Line 140) Message: VWO bottom initialize

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' .fonts.net .licdn.com .tiqcdn.com .marketo.com .marketo.net .mktoresp.com .demdex.net .burly.io .llnwd.net .tealiumiq.com .googleadservices.com .marinsm.com .amazonaws.com .quantserve.com .facebook.net .serving-sys.com .google-analytics.com .hirebridge.com .websense.com .bizographics.com .linkedin.com .cloudfront.net .newrelic.com .nr-data.net .adnxs.com .demandbase.com .twitter.com .omtrdc.net .youtube.com static.ads-twitter.com .company-target.com .omniture.com .doubleclick.net .forcepoint.com .google.com .facebook.com .getsmartcontent.com .vidyard.com .adroll.com s.ml-attr.com attr.ml-api.io .driftt.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .gstatic.com .libsyn.com .cdnbasket.net ids.cdnwidget.com app.vwo.com .visualwebsiteoptimizer.com use.typekit.net p.typekit.net cdn.vwo-analytics.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .sharethis.mgr.consensu.org; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' pixel.cdnwidget.com .tealiumiq.com .google.com .googleadservices.com .doubleclick.net .websense.com .marinsm.com .facebook.com .quantserve.com .google-analytics.com .w55c.net .marketo.com .iasds01.com .linkedin.com .cloudfront.net .forcepoint.com .adnxs.com .twitter.com t.co .omtrdc.net tags.w55c.net .demandbase.com .company-target.com maps.gstatic.com tags.tiqcdn.com munchkin.marketo.net .newrelic.com connect.facebook.net static.ads-twitter.com a.burly.io sjs.bizographics.com bam.nr-data.net snap.licdn.com .getsmartcontent.com .adroll.com .vidyard.com s.ml-attr.com attr.ml-api.io ml314.com .ml314.com .bing.com .driftt.com .crazyegg.com .sharethis.com .vimeo.com .slideshare.net .techvalidate.com .gartner.com .googletagmanager.com .visualwebsiteoptimizer.com app.vwo.com .js.ubembed.com assets.ubembed.com cdn.vwo-analytics.com .s3.amazonaws.com s3.amazonaws.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .clearbit.com .googleapis.com .cloudflare.com; img-src 'self' data: pixel.advertising.com .forcepoint.com .marinsm.com .google-analytics.com s.ml-attr.com .doubleclick.net .facebook.com .adroll.com .yahoo.com .google.com .getsmartcontent.com .pubmatic.com .adnxs.com t.co attr.ml-api.io pixel.rubiconproject.com trc.taboola.com sync.outbrain.com .casalemedia.com idsync.rlcdn.com .bidswitch.net us-u.openx.net bsw.digitru.st ps.eyeota.net match.adsrvr.org sync-tm.everesttech.net dmp.adform.net i.w55c.net d.turn.com tags.w55c.net sync.tidaltv.com sync.mathtag.com in.v12group.com sync.adap.tv eyeota-sync.dotomi.com p.rfihub.com .demdex.net .tealiumiq.com .vidyard.com .bing.com s3.amazonaws.com .s3.amazonaws.com .driftt.com eb2.3lift.com .gartner.com .liadm.com .krxd.net .pippio.com .amazon-adsystem.com .visualwebsiteoptimizer.com .cloudfront.net .cdnwidget.com tags.bluekai.com .adsymptotic.com cm.everesttech.net su.addthis.com lrpush.apxlv.com global.ib-ibi.com bcp.crwdcntrl.net analytics.twitter.com api.bizographics.com sync.placelocal.com segments.company-target.com pixel.tapad.com lrp.mxptint.net match.prod.bidr.io p.univide.com rp.gwallet.com ds.reson8.com dmp.truoptik.com aa.agkn.com bs.serving-sys.com .entitytag.co.uk token.rubiconproject.com liveramp-eicm-global.dsp.io thrtle.com apolloprogram.io live.rzsync.com .youtube.com insight.adsrvr.org .crazyegg.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com .googleapis.com .cloudflare.com .linkedin.com .sharethis.com; connect-src 'self' app.vwo.com dpm.demdex.net websense.tt.omtrdc.net .mktoresp.com .cdnbasket.net ids.cdnwidget.com .forcepoint.com sample-api-v2.crazyegg.com .visualwebsiteoptimizer.com insight.adsrvr.org bam.nr-data.net .tealiumiq.com live-evercurrent-clone.pantheonsite.io .sharethis.com *.doubleclick.net; report-uri /admin/config/system/seckit/csp-report
Strict-Transport-Security	max-age=18410000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.forcepoint.com thematrixstg2.prod.acquia-sites.com thematrixstg3.prod.acquia-sites.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

018-nkf-008.mktoresp.com
6634a5cdf59e4bb3a8f70dcd111da346.js.ubembed.com
9563368.fls.doubleclick.net
ajax.googleapis.com
analytics.twitter.com
analyticsssl.forcepoint.com
app-abm.marketo.com
assets.ubembed.com
attr.ml-api.io
c.sharethis.mgr.consensu.org
cdnjs.cloudflare.com
cm.everesttech.net
d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
dpm.demdex.net
googleads.g.doubleclick.net
js.driftt.com
l.sharethis.com
munchkin.marketo.net
p.typekit.net
platform.twitter.com
px.ads.linkedin.com
s.ml-attr.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
t.co
t.sharethis.com
tags.tiqcdn.com
use.typekit.net
websenseinc.demdex.net
ws.sharethis.com
www.forcepoint.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.forcepoint.com
www.google.com
www.google.de
104.111.215.74
104.111.236.11
104.16.94.80
104.244.42.3
104.244.42.69
13.224.196.58
13.224.196.93
13.224.197.121
143.204.101.129
15.188.31.119
151.101.12.157
151.101.13.131
152.199.23.241
159.122.87.148
172.217.21.230
184.31.84.223
185.33.223.210
192.28.144.124
216.58.205.226
2600:9000:20eb:4e00:c:a9b7:ddc0:93a1
2600:9000:21f3:dc00:3:c04e:c780:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:523b
2a00:1450:4001:808::2008
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2002
2a00:1450:4001:825::2004
2a00:1450:4001:825::200a
2a02:26f0:6c00:296::25ea
2a05:f500:10:101::b93f:9105
2a05:f500:11:101::b93f:9001
3.120.46.255
34.247.192.223
52.213.115.189
54.191.140.180
66.117.28.86
68.67.153.60
011af481a6c21ebe9524e49d785ca76479a7f44c63e013848d2992cba4e12532
02fd8218c0d1addb88c653b2f7211b8cd273312e59e6de51e5d2791627e7ef9d
056a4e1b6dae094d40dc036f7c14bbf67bec689da69476fdcaf6fc88354c4a52
07d2c2d4dd9d16e83abe315702d047a36fa215ceaecc2efd75de0a22ee1b3c7f
0b2f93c4ca70057a13ff644be0aeb4a4c56a598c994c9e90d90d7845078b1d68
0b83d6d20535213572ffe076a75e720327f953bc0b1da87b1427a939c7349385
10979d0bf76262c125b3559c66208504c91bea31e247b46e6796ee32cd1660db
13be2fe24ef2f32d509d2e1b9a1d545043032200b70309d29b457352b4bdfc0b
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f
16089a42741acc5fd00ab17da92be9458e8f0029fd645f159e582a7ea0f52ec1
165ce8263ca664be948ad36d6dc751b06a81d6f63771fc13d6628c021bac4f08
19f42b5f8e49428651f2c67b5fd7ef8e841944cdc01bcee33f2225bee85b53f7
1bc631b8619af42059b75dee6c0e7f06ed78ea9d718cf265bbc7e46791236b13
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
20b2920e1eb0e8988ec59f3a92c40e8269645b867ba778e15499297d0cc8f79c
26e99e06771527b1910c77822cd645c9757fbeaddf94aba93a36d540f1a007bd
2b54ce972b3dc67894821f556fe623ca70d57910fe0b8ef654a9c231c24dad9f
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3227f6069098cdc37c2ead28fa22bca6c3522c82276e645294a49e27a8c64861
35a6940cbfb4bc9faa8aef5a40f404ab7314f0a2d921015aa4917bfde5aa92bc
3efdb6f594f25fbecf4ca4c9267a0b483c6355a059845c837e45809639a059dc
3f43092af27c8c824e6319fb3b08830040761387ebb63977467ccd3bd04a7bfb
40e4dd489a6604c9784e4eed1bd68cb283b2f1a78ca0a4101d8bafa74d3f5cc6
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
423d93b5e3f5735f22d497170a618ca6180435b033bfc2ad9300d7b5b3819b8e
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
44e017f352177fac2b343b0bed9e7c579ab3873f407d73113ba2123b98f00fe8
4954b5d2ccd0484903a4124d3cb7002e5c3f2315ec4fdb7e660f537adb3b25b2
4ba03e57203ea578ec51f56d317a69cc2bb83af0933780683890fd9e046b66e5
4e81f9fdae3a84ba97ae83d71ccdf89dbdb74c9a0dd0291c4ee7c9c6c4a9d0b4
50606cd81d2ce35f5cc80eece3e09426c424a94f5f240fc7364d9eda5bf4b950
53a4b4d9fcb03daf56eb9d0daf33f42111003ce893992009baea66c45a418264
54c4b4c8cfaad2a095219121aaa89a55c8a7657d0203f2e45b7c90f2a1ec3a09
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d
5bc25d8dea40f0a08e4de55180ba479c266d0f8e22f5383fdd993674d50cafe8
630057f76d601d1a93b7a95d98b8e8c3f5ec25a11d26adb6d81f81ebf0ff2427
64755916bfcc7b6b2d39982af788b37ee5ea30c6763fac8f3248e9bb79184c43
653f4d93f336e81c3eabbc455507a83f6f6a3b47aa7aa7b974041c36d5b46ee2
6981f2c15569375be599eef829f1f6cfb1c82f12bf8d4a3a1bc21ef2671e22f8
6b15bfca502a1fd835da1eaa33d575cf5c81570e6e2a63dd74dd924204615aa0
6c73a603331a2aaef27ee7573b9a259e6b95da98a69ed77b158dc269b7cfab6d
7512351622a88647c44b89197102fc8284443cad80b463ed5bd59d071ac883ee
75c51258ee43a5b453c526eba47df808bef09ce59136344ef039d33139240f43
75f0d54be8a1c4d80410662d0342a6caca0af4e3e6c383081d2475004587030a
764262648df23049f6c23fe89dc20106a96c4624412a8ad20ec54bb7bbae6c6e
78bb5fbd98536862dba931de4bdf3185c8fa7270872bb7c1d880257cd586a385
7be499beaf9c4579007d3abc8f55f7a467f9325bab3d8bd54ede5762a907c85a
7d3366a840ad0fcdeea218285ae72c6a42b2305d2f78481a3c5a1d3341cf1d54
7f5c821e9fd780ec5b3b15c4dc80b85fae52b830ea38685d21f8a46fa50972bd
801f5f979a8d4cba5728424da246e1b23bea52d1a03080d78aca71c2ee9ae6f4
81b97093e0bb57e2b59a6c6e470b5f8bf7930af86286c9b0a30d0dc6ebc5c63f
82c7f18b9049b338b5af65d908ef232f6dee011cec43993fe9f7fad1d90d9818
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833975c410d4a2f66aeaaa86477bcd7573b4fee50c677ed648cffc37896bae4d
87d5dc85e9536d63ea6d84a684ec4c733edc12685130c0ab8776cba0322e7a21
890ed26cc0290a38c48a99ed4816b8237593d8748ee8b9f20e07849f91a28bb6
89661b536520a60b10ed5faf2f6b3f72202ad6a48e46a3448ba95eccbae37f19
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
96069e32ede08e5dbb97d656859b3718534454c849900ecf1be017d326018154
98652e23a4c0cfcf2cc7001adb4a1795d7f49e57e32298fefc1d8360277c568e
9a1f2cc7238592d06721ba7780a4c4dcc2dd969638cf662f7232a745345f6c6c
9bf02c9770b2f6cca2e8995e99c09c07ef6f970d78f11912f924056a3eaa44e3
a0d9d290c9928affdd7f2816a574b367cbd6aca7ff1ba7b14b3391330d6f1995
a1bd6a4c3dfee38b08fced2dae99560888b3450b6568f268479617385ee9c7d0
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a26a93fa4f6cd38fe9272c6a9bc2aa422b37810fa0bd6a483151348376ade1ed
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3f4ccf800b795efc4590d993a7743a680f50669e46c19d9acac28ac1731fb6b
a409f44b38d2cd28cfc6f4ccb9d592e838e82ab611c86daa03d8a96b47814d39
a4ab76e5a9fff70a6c624099464e32bc44a3cc9918708442d709bffcb246c498
a67734b167793dc0af9c839d6708d15f0d4d24892035f6ef40b2cb9afa129d5a
a928c8a9bf6e998e13ed54d631a06032e11baa7f399905b88b4080ddd14a1e2b
a94356ee10b5d03a75ee26811bc68de1a237003c2daf536d7e8c6c000199b0dc
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acabbd6a130811880b5350a7d0f00a853bed85d12b3ae22de1a6c8a3a4180340
af82f815d8e13ce5a219c982662bc727bc22db0b4429883d7334522bddb69cc9
b09a5170d0cf8dc6ce9ca11085832097831d972bdc0dfc03818aeb3fa52799ef
b3464a2f10d4f778b515eef96c079c165ea6bc1ff58b70fd0accdc6cc762fc23
b9c823db89be14289e3b0585970e3d91c3313ec9f82d13c9cb24d90820efc699
bd49cec35e6c1fb7e1635ddddeb03935dd7e02515ae90ee66b520ae01e80a3e2
c0e0b9f64e6354a2677f8cc7b48c489b4fac6183a86dfedc0f52bb0cc17fce3a
c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392
c712b85f4d57c41bb049c80303067da9790aa76b32a41b422174bd507695f444
c75ed0408e67a8a2853f8444487fb4688720eb60b2988983dbb2dfb059ce209f
cd5edd165cd6a9eb738aac6c6a5c6ba56ed5b998388868894f7959aa86d50a7b
d065f1aadbe98a14f19b0c982f102f11cd32f76298ae629bcf53004b435c6433
d5ccf90219d8f1a0c0da3036c5cedb91be4599ea4ac8c06316eb37e17b66585b
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc23a7b4a0ea0b90e90908df04bda3ba40b0e8d7a394c06f6bcdf68e8d59ca81
de36a4355106fb331f976513b3090b8ec6586412309ee233a2bdc9f97f8f179e
de502b0503ebafcb2e8a7a7eea68518767d9044d13d7e4459727198b475bd04f
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e37f948152be3cb3ae0d95da84f8f29abbb0ddaaa29e99987e6978a417cd011c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45c02063f0c560ad6a1d39fd69cc5ca4a48d9a1ae0111ecbb01e584dc76fc02
e47c472a3e337cf1f82b63707331b54874a4f65eddabb8a3e35ac047e70bc36f
e57e807ef29a98b3741fb18f2507ef74643c9fc265a139c278857fd9bbce1e93
e7f4f6900a4b2038f5a91a7f6bbb754b7492187ffed2517bded7ce4d1c171526
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
ec81e4fbe5e2a0af8b2b9153151fb9fa08ad82253728dc1348d84de136d252a8
eeefff6bb825fa6fe1062bfbcbc6b2e4c61cf84ebd51e075d4d0177e0457388a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
f52bcb724efb50eccfad9fcc906faeea58c210b0966b19a63f058f26c40a9666
f66578f61dcd2d00bb8b7a0c5a7a02d39871c2e7c4615826c4e3a6a879a1a66b
f8189a76326254eb6e5dd385f91ef00a19cd87be410e5592bf8134df72d2121d
f837fbdab0ba5ef7e52f8a48c9eae23dc8820a39e5c45f517442da89e46afcd5
f94e2ade1ac459cbd85602ea2cebbc6b8e04d022c302ac6941ddd6eb9739ea2c
f97341de4415531cb15d7472b1a00e875c1ad9b5541fd7e9f8ef5905f2a02092
f9ecdd229eb669bbf201b6ac821b60037c354895760b25c320bdb746fdf5083d
fe9132775150b13960723fdffd15ef8bb7f07d120787874114ac9e3d4f303f46

www.forcepoint.com Open in urlscan Pro 54.191.140.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

119 Requests

96 %HTTPS

32 %IPv6

30 Domains

39 Subdomains

33 IPs

7 Countries

1122 kBTransfer

3507 kBSize

27 Cookies

7 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.forcepoint.com Open in urlscan Pro
54.191.140.180 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

96 %
HTTPS

32 %
IPv6

30
Domains

39
Subdomains

33
IPs

7
Countries

1122 kB
Transfer

3507 kB
Size

27
Cookies

119 HTTP transactions
14 data transactions