blog.talosintelligence.com Open in urlscan Pro
2606:4700::6811:3b4c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html
Submission: On May 18 via api (May 18th 2021, 8:44:22 am UTC) from US

Summary HTTP 67 Redirects Links 84 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 67 HTTP transactions. The main IP is 2606:4700::6811:3b4c, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.talosintelligence.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.

This is the only time blog.talosintelligence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6811:3b4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	2a00:1450:400... 2a00:1450:4001:831::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2009	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6812:c73a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	2a04:4e42:62:... 2a04:4e42:62::760	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:5... 2600:1901:0:524d::	15169 (GOOGLE) (GOOGLE)
2	2600:1901:1:6... 2600:1901:1:64a::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
67	18

2 2606:4700::6811:3b4c (United States)

ASN13335 (CLOUDFLARENET, US)

blog.talosintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.talosintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img2.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:c73a (United States)

ASN13335 (CLOUDFLARENET, US)

www.talosintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.talosintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)

open.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:62::760 (United States)

ASN54113 (FASTLY, US)

open.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

o22381.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:524d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

apresolve.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:1:64a:: (United States)

ASN15169 (GOOGLE, US)

gew-spclient.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	blogspot.com 1.bp.blogspot.com	3 MB
16	talosintelligence.com blog.talosintelligence.com www.talosintelligence.com	52 KB
10	blogger.com 1 redirects www.blogger.com	309 KB
6	scdn.co open.scdn.co i.scdn.co	769 KB
5	spotify.com open.spotify.com apresolve.spotify.com gew-spclient.spotify.com	11 KB
4	blogblog.com img2.blogblog.com resources.blogblog.com	3 KB
3	gstatic.com fonts.gstatic.com	69 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	google.com 1 redirects accounts.google.com www.google.com	6 KB
1	sentry.io o22381.ingest.sentry.io	406 B
1	doubleclick.net stats.g.doubleclick.net	92 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	googleapis.com fonts.googleapis.com	1 KB
67	13

	Domain	Requested by
17	1.bp.blogspot.com	blog.talosintelligence.com
13	www.talosintelligence.com	blog.talosintelligence.com
10	www.blogger.com	1 redirects blog.talosintelligence.com www.blogger.com
5	open.scdn.co	open.spotify.com
3	resources.blogblog.com	blog.talosintelligence.com www.blogger.com
3	fonts.gstatic.com	fonts.googleapis.com
3	blog.talosintelligence.com	blog.talosintelligence.com static.cloudflareinsights.com
2	gew-spclient.spotify.com	open.scdn.co
2	www.google-analytics.com	blog.talosintelligence.com www.google-analytics.com
2	open.spotify.com	blog.talosintelligence.com open.scdn.co
1	www.google.com	www.blogger.com
1	apresolve.spotify.com	open.scdn.co
1	o22381.ingest.sentry.io	open.scdn.co
1	i.scdn.co	open.spotify.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.cloudflareinsights.com	blog.talosintelligence.com
1	accounts.google.com	1 redirects
1	img2.blogblog.com	blog.talosintelligence.com
1	fonts.googleapis.com	blog.talosintelligence.com
67	19

This site contains links to these domains. Also see Links.

Domain
www.talosintelligence.com
snort.org
www.clamav.net
www.spamcop.net
talosintelligence.com
twitter.com
malpedia.caad.fkie.fraunhofer.de
www.claws.in
www.finmin.nic.in
www.kaspersky.com
cdm.ap.nic.in
heartofasiasociety.org
1.bp.blogspot.com
www.cisco.com
cisco.com
meraki.cisco.com
umbrella.cisco.com
www.snort.org
orbital.amp.cisco.com
github.com
www.blogger.com
www.facebook.com
www.linkedin.com
www.reddit.com
blogs.cisco.com
blog.snort.org
feedproxy.google.com
blog.clamav.net
www.youtube.com
tools.cisco.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.spotify.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-03` - `2022-05-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.scdn.co DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-09-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.ingest.sentry.io R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html
Frame ID: 3C5438D75755535006F57176D4D26126
Requests: 48 HTTP requests in this frame

Frame: https://open.spotify.com/embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5
Frame ID: F973C3B77059B1ED6DBD835B2902A0E4
Requests: 11 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1
Frame ID: 6BA64F2FBE8FCE2062833BEEEE4A4922
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

67
Requests

100 %
HTTPS

95 %
IPv6

13
Domains

19
Subdomains

18
IPs

3
Countries

4214 kB
Transfer

5975 kB
Size

6
Cookies

84 Outgoing links

These are links going to different origins than the main page.

URL: https://www.talosintelligence.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/software
Title: Software

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/vulnerability_info
Title: Vulnerability Information

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/vulnerability_reports
Title: Vulnerability Reports

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/ms_advisories
Title: Microsoft Advisories

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/reputation
Title: Reputation Center

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/reputation_center
Title: IP & Domain Reputation

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/talos_file_reputation
Title: Talos File Reputation

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/support
Title: Reputation Support

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/amp-naming
Title: AMP Threat Naming Conventions

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/awbo_intro
Title: AWBO Exercises

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/categories
Title: Intelligence Categories

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/resources
Title: Library

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/community
Title: Support

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/reputation_center/support#reputation_center_support_ticket
Title: Reputation Center Support

Search URL Search Domain Scan URL

URL: https://snort.org/community
Title: Snort Community

Search URL Search Domain Scan URL

URL: https://www.clamav.net/contact.html#ml
Title: ClamAV Community

Search URL Search Domain Scan URL

URL: https://www.spamcop.net/
Title: SpamCop

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/incident_response
Title: Incident Response

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/podcasts
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/podcasts/shows/beers_with_talos
Title: Beers with Talos

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/podcasts/shows/talos_takes
Title: Talos Takes

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/users/auth/saml
Title: Cisco Login

Search URL Search Domain Scan URL

URL: https://twitter.com/asheermalhotra
Title: Asheer Malhotra

Search URL Search Domain Scan URL

URL: https://twitter.com/ThattilJustin
Title: Justin Thattil

Search URL Search Domain Scan URL

URL: https://twitter.com/kkmckay22
Title: Kendall McKay

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/details/win.crimson
Title: CrimsonRAT

Search URL Search Domain Scan URL

URL: https://www.claws.in/
Title: Center For Land Warfare Studies (CLAWS)

Search URL Search Domain Scan URL

URL: https://www.claws.in/static/CoAS-CoE-2021-PROPOSAL.pdf
Title: documentation

Search URL Search Domain Scan URL

URL: https://www.finmin.nic.in/seven-cpc
Title: The 7th Central Pay Commission (CPC)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about/press-releases/2020_transparent-tribe-transparent-lives-new-android-spyware-distributed-under-the-guise-of-popular-apps
Title: previous reporting

Search URL Search Domain Scan URL

URL: https://cdm.ap.nic.in/
Title: College of Defense Management's

Search URL Search Domain Scan URL

URL: https://twitter.com/HAS_Afghanistan/status/1277971943489105925
Title: "Building a Peaceful Afghanistan: Regional and International Support for afghan Peace" dialogue series

Search URL Search Domain Scan URL

URL: https://heartofasiasociety.org/
Title: Heart of Asia Society

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-q6cgZnleS8k/YJwjPgTphYI/AAAAAAAAAS4/B82hCpLQMOk6UtsFfTKeH64kfVEU4qOjwCLcBGAsYHQ/s1999/image11.png

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/advanced-malware-protection
Title: Cisco Secure Endpoint

Search URL Search Domain Scan URL

URL: https://cisco.com/go/tryamp
Title: here.

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/email-security-appliance/index.html
Title: Cisco Secure Email

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/firewalls/index.html
Title: Cisco Secure Firewall

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/collateral/security/firepower-ngfw-virtual/datasheet-c78-742858.html
Title: Threat Defense Virtual

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/adaptive-security-appliance-asa-software/index.html
Title: Adaptive Security Appliance

Search URL Search Domain Scan URL

URL: https://meraki.cisco.com/products/appliances
Title: Meraki MX

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/solutions/enterprise-networks/amp-threat-grid/index.html
Title: Cisco Secure Malware Analytics

Search URL Search Domain Scan URL

URL: https://umbrella.cisco.com/
Title: Umbrella

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/web-security-appliance/index.html
Title: Cisco Secure Web Appliance

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html
Title: Cisco Secure Firewall Management Center

Search URL Search Domain Scan URL

URL: https://www.snort.org/products
Title: Snort.org

Search URL Search Domain Scan URL

URL: https://orbital.amp.cisco.com/help/#:~:text=Cisco%20Orbital%20(%E2%80%9COrbital%E2%80%9D),(Creators%20Update)%20or%20later.
Title: Orbital Advanced Search

Search URL Search Domain Scan URL

URL: https://github.com/Cisco-Talos/osquery_queries/blob/master/win_malware/malware_obliquerat_filepath.yaml
Title: here

Search URL Search Domain Scan URL

URL: https://github.com/Cisco-Talos/osquery_queries/blob/master/win_malware/malware_obliquerat_mutex.yaml
Title: here

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/resources/209
Title: here

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=1029833275466591797&postID=7666782930518017442&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html&text=Transparent%20Tribe%20APT%20expands%20its%20Windows%20malware%20arsenal
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html&text=Transparent%20Tribe%20APT%20expands%20its%20Windows%20malware%20arsenal
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html&text=Transparent%20Tribe%20APT%20expands%20its%20Windows%20malware%20arsenal
Title:

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html&title=Transparent%20Tribe%20APT%20expands%20its%20Windows%20malware%20arsenal
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/blog_subscription
Title: Subscribe via Email

Search URL Search Domain Scan URL

URL: https://blogs.cisco.com/
Title: Cisco Blog

Search URL Search Domain Scan URL

URL: https://blogs.cisco.com/ciscoit/journey-to-a-software-defined-access-fabric-network-part-2
Title: Journey to a software-defined access fabric network, part 2

Search URL Search Domain Scan URL

URL: https://blog.snort.org/
Title: Snort Blog

Search URL Search Domain Scan URL

URL: https://feedproxy.google.com/~r/Snort/~3/dFWNg4ig5rM/snort-rule-update-for-may-13-2021.html
Title: Snort rule update for May 13, 2021

Search URL Search Domain Scan URL

URL: http://blog.clamav.net/
Title: ClamAV® blog

Search URL Search Domain Scan URL

URL: https://feedproxy.google.com/~r/Clamav/~3/HLo75DA2w0E/clamav-devel-github-repository-name.html
Title: "clamav-devel" GitHub repository name change to "clamav"

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/software
Title: Software

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/reputation_center
Title: Reputation Center

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/vulnerability_info
Title: Vulnerability Information

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/ms_advisories
Title: Microsoft Advisory Snort Rules

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/amp-naming
Title: AMP Naming Conventions

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/talos_file_reputation
Title: Talos File Reputation

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/awbo_intro
Title: AWBO Exercises

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/resources
Title: Library

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/community
Title: Support Communities

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/newsletters
Title: Threat Source Newsletter

Search URL Search Domain Scan URL

URL: https://twitter.com/talossecurity
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLFT-9JpKjRTDn_qtGN238gzycJfaVzMqD
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cisco-talos-intelligence-group/
Title:

Search URL Search Domain Scan URL

URL: https://tools.cisco.com/security/center/home.x
Title:

Search URL Search Domain Scan URL

URL: https://www.cisco.com/web/siteassets/legal/privacy_full.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363 HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D1029833275466591797%26postID%3D7666782930518017442%26blogspotRpcToken%3D748363%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D1029833275466591797%26postID%3D7666782930518017442%26blogspotRpcToken%3D748363%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request transparent-tribe-infra-and-targeting.html Show response
blog.talosintelligence.com/2021/05/ 187 KB
33 KB 213ms
196ms Document
text/html 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb9b1260c780f395cf92d12a99df8dbef1fc7537a608a6806013ac7bc8373818

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: blog.talosintelligence.com
:scheme: https
:path: /2021/05/transparent-tribe-infra-and-targeting.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:04 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 18 May 2021 08:44:04 GMT
cache-control: private, max-age=0
last-modified: Mon, 17 May 2021 18:01:42 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 0a203e92ce00001772500c5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 6513cd314f111772-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 115981500-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
37 KB 28ms
6ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/115981500-css_bundle_v2.css

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 23:27:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 18:28:49 GMT
server: sffe
age: 292599
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36990
x-xss-protection: 0
expires: Sat, 14 May 2022 23:27:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fc708a149338bc9e4af67790f9e19d88a8f9377d6021cf2a0134688162fbe79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 May 2021 08:44:04 GMT
server: ESF
date: Tue, 18 May 2021 08:44:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 May 2021 08:44:04 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 116ms
113ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1029833275466591797&zx=4e7cabbe-5909-4cb9-8ad3-d179fcac907f

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 08:44:04 GMT
server: GSE
date: Tue, 18 May 2021 08:44:04 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo_cisco_white.svg
www.talosintelligence.com/assets/ 4 KB
1 KB 31ms
29ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/logo_cisco_white.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d2405df2a95c974d5c0771e3a45b2dea1a2c2824cf6a917a605bf4a967c86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:04 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81715
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e93c200001772fa3b9000000001
x-request-id: 072d5183-6e88-4e43-ace5-c6adee2d8eaf
x-runtime: 0.002941
server: cloudflare
etag: W/"e5d2405df2a95c974d5c0771e3a45b2dea1a2c2824cf6a917a605bf4a967c86d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd32d9e71772-FRA
expires: Wed, 19 May 2021 08:44:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blog.talosintelligence.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 188441
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 16 May 2022 04:23:23 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blog.talosintelligence.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 457232
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 13 May 2022 01:43:32 GMT

GET
H2 200 image17.png
1.bp.blogspot.com/-a73MLoAZdfw/YJwYbCreVUI/AAAAAAAAAQ4/3vTvWfSuUuUyvf0U3Khry-gtVoKCv28aACLcBGAsYHQ/s16000/ 370 KB
370 KB 42ms
18ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-a73MLoAZdfw/YJwYbCreVUI/AAAAAAAAAQ4/3vTvWfSuUuUyvf0U3Khry-gtVoKCv28aACLcBGAsYHQ/s16000/image17.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0500c837038a0e76f3cebee1377a80df53a86546add3a4e508a7f11d8afb7e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 05:34:05 GMT
x-content-type-options: nosniff
age: 11400
content-disposition: inline;filename="image17.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 378498
x-xss-protection: 0
server: fife
etag: "v10f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:04 GMT

GET
H2 200 image12.png
1.bp.blogspot.com/-AqXBjDWCpPg/YJwZEUxqcdI/AAAAAAAAARA/p5t4S7eCuuwtS-Jp19vBtC5eHmeqfJlpQCLcBGAsYHQ/s16000/ 87 KB
87 KB 39ms
14ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AqXBjDWCpPg/YJwZEUxqcdI/AAAAAAAAARA/p5t4S7eCuuwtS-Jp19vBtC5eHmeqfJlpQCLcBGAsYHQ/s16000/image12.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4db7e66a4c99c6455baf6b60033a91c65b32c636b2d94655d7882680598202d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image12.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89335
x-xss-protection: 0
server: fife
etag: "v111"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:04 GMT

GET
H2 200 image15.png
1.bp.blogspot.com/-f3W8XekC6TA/YJwZe7-jmpI/AAAAAAAAARI/iOL2tpsV75Y6NbM7u0r31e-kFQ3b4vsJACLcBGAsYHQ/s16000/ 56 KB
56 KB 32ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-f3W8XekC6TA/YJwZe7-jmpI/AAAAAAAAARI/iOL2tpsV75Y6NbM7u0r31e-kFQ3b4vsJACLcBGAsYHQ/s16000/image15.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75e191bc50cee0e969ccb8dc501916695c4fb16919f5cdb4da6d4b7e0aac4d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image15.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57067
x-xss-protection: 0
server: fife
etag: "v113"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:04 GMT

GET
H2 200 image9.png
1.bp.blogspot.com/-gSQjDvjSAmE/YJwafkAPuBI/AAAAAAAAARQ/uKPxmYsp3qofIBf19_H_dmST6qcCT0-fwCLcBGAsYHQ/s16000/ 357 KB
358 KB 53ms
29ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-gSQjDvjSAmE/YJwafkAPuBI/AAAAAAAAARQ/uKPxmYsp3qofIBf19_H_dmST6qcCT0-fwCLcBGAsYHQ/s16000/image9.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9192b16e06a3cd217ee3849187406406ffa7d21aa321ef2e992ad466bc5de869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image9.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 365792
x-xss-protection: 0
server: fife
etag: "v115"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:04 GMT

GET
H2 200 image3.png
1.bp.blogspot.com/-H8Fh8N9XUiQ/YJwa2e8PJvI/AAAAAAAAARY/vQz9a5cEDcAzeNx0dx-xinxmRYsVPBoLwCLcBGAsYHQ/s16000/ 655 KB
656 KB 50ms
26ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-H8Fh8N9XUiQ/YJwa2e8PJvI/AAAAAAAAARY/vQz9a5cEDcAzeNx0dx-xinxmRYsVPBoLwCLcBGAsYHQ/s16000/image3.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ea760d3d76b2a6da25e31dc630fcd0e2fe7be91e1a1938308410dfad0a5bbd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image3.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 671224
x-xss-protection: 0
server: fife
etag: "v117"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:04 GMT

GET
H2 200 image4.png
1.bp.blogspot.com/-EN36MOjGO4Q/YJwbiXRikbI/AAAAAAAAARg/sG3I_Eaezf4wlaztJ0kdAKt54vYahdWvACLcBGAsYHQ/s16000/ 144 KB
144 KB 51ms
28ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-EN36MOjGO4Q/YJwbiXRikbI/AAAAAAAAARg/sG3I_Eaezf4wlaztJ0kdAKt54vYahdWvACLcBGAsYHQ/s16000/image4.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

385207f20b5339c8de012b93c6a79e86a72ddbb98aa55390b3ab773aa6b76010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image4.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147195
x-xss-protection: 0
server: fife
etag: "v119"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:05 GMT

GET
H2 200 image2.png
1.bp.blogspot.com/-Ga6ioiS2cZ4/YJwb5YuMEEI/AAAAAAAAARo/UMSff1gkuiM3TkmWJegfrWOaQGFty7t7wCLcBGAsYHQ/s16000/ 69 KB
69 KB 31ms
29ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Ga6ioiS2cZ4/YJwb5YuMEEI/AAAAAAAAARo/UMSff1gkuiM3TkmWJegfrWOaQGFty7t7wCLcBGAsYHQ/s16000/image2.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

70283e21b9766b5bdebdc08a89760b935fb99d8bf25695b9dbf8f74553783b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image2.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70159
x-xss-protection: 0
server: fife
etag: "v11d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:05 GMT

GET
H2 200 image16.png
1.bp.blogspot.com/-dlfVi7r-Ddg/YJwcEUEfBBI/AAAAAAAAARs/dmQnNgNd8XkONjteZsnO3P-Gd7tVaw2wgCLcBGAsYHQ/s16000/ 167 KB
167 KB 25ms
23ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dlfVi7r-Ddg/YJwcEUEfBBI/AAAAAAAAARs/dmQnNgNd8XkONjteZsnO3P-Gd7tVaw2wgCLcBGAsYHQ/s16000/image16.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

784c7a163770aa20e46cb984eeffbded5e6d9d913d36c96da061fa8041749050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image16.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 171005
x-xss-protection: 0
server: fife
etag: "v11d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:05 GMT

GET
H2 200 image14.png
1.bp.blogspot.com/-ndCWxslxXos/YJwcQje9QkI/AAAAAAAAARw/PaV0w0948xMXbjdrghNWLhdCHA2BFmC9wCLcBGAsYHQ/s16000/ 122 KB
122 KB 25ms
24ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ndCWxslxXos/YJwcQje9QkI/AAAAAAAAARw/PaV0w0948xMXbjdrghNWLhdCHA2BFmC9wCLcBGAsYHQ/s16000/image14.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8596fa31e572f4f319150599761f0261bed3edf14a31bfe525395a507d6ac9d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image14.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124883
x-xss-protection: 0
server: fife
etag: "v11d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:05 GMT

GET
H2 200 image1.png
1.bp.blogspot.com/-EEvBUzG-lXA/YJwcxG7QNlI/AAAAAAAAAR4/VqSCm0hqhdIXBPJsLJAKL4MorypBgGgkwCLcBGAsYHQ/s16000/ 204 KB
204 KB 31ms
30ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-EEvBUzG-lXA/YJwcxG7QNlI/AAAAAAAAAR4/VqSCm0hqhdIXBPJsLJAKL4MorypBgGgkwCLcBGAsYHQ/s16000/image1.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

768b1698c212fb73544aef1db15025c5c9fa6d2d409870936edf02a87e39530a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image1.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 209191
x-xss-protection: 0
server: fife
etag: "v120"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:05 GMT

GET
H2 200 image5.png
1.bp.blogspot.com/-8SZNMYkZZ84/YJwc-Mg_1FI/AAAAAAAAAR8/tIyZXEML4i8putLEOqVCvAcrNBvjsHDSgCLcBGAsYHQ/s16000/ 380 KB
380 KB 32ms
30ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-8SZNMYkZZ84/YJwc-Mg_1FI/AAAAAAAAAR8/tIyZXEML4i8putLEOqVCvAcrNBvjsHDSgCLcBGAsYHQ/s16000/image5.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8eb91515b33b4c717020c8f5c6ba4927b4b8dd018e697c2681f3dcda85d7591a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image5.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 388811
x-xss-protection: 0
server: fife
etag: "v122"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:05 GMT

GET
H2 200 image8.png
1.bp.blogspot.com/-tjpClvrVdHk/YJwdNEYmnJI/AAAAAAAAASE/UUOPdIdDNvwctTjl9FqbHGCHAl4-XTl3wCLcBGAsYHQ/s16000/ 145 KB
145 KB 34ms
32ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tjpClvrVdHk/YJwdNEYmnJI/AAAAAAAAASE/UUOPdIdDNvwctTjl9FqbHGCHAl4-XTl3wCLcBGAsYHQ/s16000/image8.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

30d97518efc27c375b5925ba5f87035273c38ea251424c7a10bec927995937cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image8.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148280
x-xss-protection: 0
server: fife
etag: "v124"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:06 GMT

GET
H2 200 image10.png
1.bp.blogspot.com/-W7qjP2lXtDE/YJwdYk11MAI/AAAAAAAAASM/w-kRAig_7l0ISx7h-KgcKrfRN0w4wJq1QCLcBGAsYHQ/s16000/ 21 KB
21 KB 38ms
36ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-W7qjP2lXtDE/YJwdYk11MAI/AAAAAAAAASM/w-kRAig_7l0ISx7h-KgcKrfRN0w4wJq1QCLcBGAsYHQ/s16000/image10.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c95c4d412dcab57d6c1788e3133cff83a2eb459c94bde0131e9ed0871039277c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image10.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21569
x-xss-protection: 0
server: fife
etag: "v126"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:06 GMT

GET
H2 200 image13.png
1.bp.blogspot.com/-FXfxomwHEg0/YJwdlG8WTjI/AAAAAAAAASU/gJpX7ilR3VgR1iAiTQKAllc6gA5ubKcXQCLcBGAsYHQ/s16000/ 120 KB
120 KB 40ms
38ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-FXfxomwHEg0/YJwdlG8WTjI/AAAAAAAAASU/gJpX7ilR3VgR1iAiTQKAllc6gA5ubKcXQCLcBGAsYHQ/s16000/image13.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c768d5a9bdb6c5ce9b4369da088ab5d26c1dffaad1abe212bf99868b6cfde668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image13.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123191
x-xss-protection: 0
server: fife
etag: "v128"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:06 GMT

GET
H2 200 image6.png
1.bp.blogspot.com/-oBzmpWi1X-o/YJwdwoGJQpI/AAAAAAAAASc/BtLSmYMkf_gtPqnVdyZNPc_1QFpqL255QCLcBGAsYHQ/s0/ 10 KB
10 KB 21ms
19ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-oBzmpWi1X-o/YJwdwoGJQpI/AAAAAAAAASc/BtLSmYMkf_gtPqnVdyZNPc_1QFpqL255QCLcBGAsYHQ/s0/image6.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d7992466071814c0f05beaa30522153589bb1c55d198944d3ad7f96763961f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image6.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10375
x-xss-protection: 0
server: fife
etag: "v12a"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:06 GMT

GET
H2 200 image7.png
1.bp.blogspot.com/-UzmQJqsTdB8/YJwd6gtL0NI/AAAAAAAAASk/ypI0W0jQT34F2iljdz1ZVO2lNnhMWVXkACLcBGAsYHQ/s0/ 3 KB
3 KB 37ms
35ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UzmQJqsTdB8/YJwd6gtL0NI/AAAAAAAAASk/ypI0W0jQT34F2iljdz1ZVO2lNnhMWVXkACLcBGAsYHQ/s0/image7.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2f90eee6bf178d6c4d800444f2ece7695b3c0d5a15e1eaa6c00ea229c1f91e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image7.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3455
x-xss-protection: 0
server: fife
etag: "v12c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:06 GMT

GET
H2 200 image11.png
1.bp.blogspot.com/-q6cgZnleS8k/YJwjPgTphYI/AAAAAAAAAS4/B82hCpLQMOk6UtsFfTKeH64kfVEU4qOjwCLcBGAsYHQ/w308-h400/ 58 KB
58 KB 42ms
41ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-q6cgZnleS8k/YJwjPgTphYI/AAAAAAAAAS4/B82hCpLQMOk6UtsFfTKeH64kfVEU4qOjwCLcBGAsYHQ/w308-h400/image11.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7207c40e773c4db6443285e83073752a89d6b0b138d6365e0552dea3cc4f8386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 06:35:40 GMT
x-content-type-options: nosniff
age: 7705
content-disposition: inline;filename="image11.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58936
x-xss-protection: 0
server: fife
etag: "v12f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 12:19:06 GMT

GET
H2 200 icon18_edit_allbkg.gif
img2.blogblog.com/img/ 162 B
519 B 28ms
6ms Image
image/gif 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 19:40:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 23:11:18 GMT
server: sffe
age: 479031
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
expires: Wed, 19 May 2021 19:40:14 GMT

GET
H3-29 200 icon_fb-share_grey.svg
www.talosintelligence.com/assets/ 851 B
967 B 49ms
38ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_fb-share_grey.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5753dfae9cdac414e27b1b74973e9041d76173a44fe2151bdecc03e13599da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81716
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9407000005b788ac8000000001
x-request-id: f5668c6e-74da-4651-90d0-5ca943beb5da
x-runtime: 0.002391
server: cloudflare
etag: W/"ba5753dfae9cdac414e27b1b74973e9041d76173a44fe2151bdecc03e13599da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd333bc705b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 icon_tw-share_grey.svg
www.talosintelligence.com/assets/ 1 KB
1 KB 53ms
42ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_tw-share_grey.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f23e9081ad69daedd9c1e7c4cd22513ba3ac3160b3a032d55a307c91be730920

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81716
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9407000005b7a1a26000000001
x-request-id: a96255d1-4234-4475-aa62-d429223b3e25
x-runtime: 0.003282
server: cloudflare
etag: W/"f23e9081ad69daedd9c1e7c4cd22513ba3ac3160b3a032d55a307c91be730920"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd333bc905b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 icon_li-share_grey.svg
www.talosintelligence.com/assets/ 808 B
943 B 44ms
33ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_li-share_grey.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf55ba3b96089db93b4bd39967be8f2c908b00382937f8becb560f70bffa0ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81716
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9407000005b77e353000000001
x-request-id: 827f6669-8d23-447c-a633-cb2ebdd13bbb
x-runtime: 0.003126
server: cloudflare
etag: W/"cf55ba3b96089db93b4bd39967be8f2c908b00382937f8becb560f70bffa0ced"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd333bcd05b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 icon_re-share_grey.svg
www.talosintelligence.com/assets/ 3 KB
2 KB 52ms
41ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_re-share_grey.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb32319c8ca714cbddda23041581d8ebae13d6ad925913f5b26e1664d680d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81716
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9409000005b7ac9e1000000001
x-request-id: 060cc3cc-f27b-43c2-be08-996aa184dc67
x-runtime: 0.002877
server: cloudflare
etag: W/"b0fb32319c8ca714cbddda23041581d8ebae13d6ad925913f5b26e1664d680d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd333bce05b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 icon_em-share_grey.svg
www.talosintelligence.com/assets/ 835 B
952 B 52ms
41ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_em-share_grey.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1179f7c2d10f3ea42022f84cca8cadf9cc17acb9d2e928c79961d753b5d89275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81716
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9407000005b7e50ad000000001
x-request-id: ea562760-4b3c-4546-848c-c93cf9f52a55
x-runtime: 0.024723
server: cloudflare
etag: W/"1179f7c2d10f3ea42022f84cca8cadf9cc17acb9d2e928c79961d753b5d89275"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd333bc305b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 1706263374-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 13 KB
13 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/1706263374-comment_from_post_iframe.js

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f357179b3067abfb538e82da01bd7e49c093ff7f0ffe266dd567b30e600fd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 01:59:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 01:09:13 GMT
server: sffe
age: 24257
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13390
x-xss-protection: 0
expires: Wed, 18 May 2022 01:59:48 GMT

GET
H2 200 7DqBSPHYlnhsNb2Kr1WXI5 Show response
open.spotify.com/embed-podcast/episode/ Frame F973 40 KB
10 KB 188ms
170ms Document
text/html 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

20f0d21703a645a80b7eaf2db1fd6f67d6ffc3b2cc7655e4ee1a4947d4123773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: open.spotify.com
:scheme: https
:path: /embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.talosintelligence.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blog.talosintelligence.com/

Response headers

server: envoy
date: Tue, 18 May 2021 08:44:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
spotify-request-id: e4645f92-36f5-4a96-81cd-ce8de00772a4
set-cookie: sp_t=b9fa43c66a7860a53f09a9cd2bb94d8f; path=/; expires=Wed, 18 May 2022 08:44:05 GMT; domain=.spotify.com; samesite=none; secure sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed-podcast%2Fepisode%2F7DqBSPHYlnhsNb2Kr1WXI5; path=/; expires=Wed, 19 May 2021 08:44:05 GMT; domain=.spotify.com; samesite=none; secure; httponly
content-encoding: br
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H3-29 200 7cHmv4okm5zmbtYoK-4.woff2
fonts.gstatic.com/s/exo2/v10/ 39 KB
39 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v10/7cHmv4okm5zmbtYoK-4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0c93ac0aae114510c15f0e7b1e4973ec408a5b480d3f39f43cd336bc640829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blog.talosintelligence.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 00:55:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:03:01 GMT
server: sffe
age: 28095
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39496
x-xss-protection: 0
expires: Wed, 18 May 2022 00:55:49 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
612 B 17ms
6ms Image
image/png 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 11:52:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 12:12:59 GMT
server: sffe
age: 247898
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Sat, 22 May 2021 11:52:27 GMT

GET
H3-29 200 icon_rss_orange.svg
www.talosintelligence.com/assets/ 1 KB
1 KB 39ms
34ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_rss_orange.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29ec20506c9a93aaf3444bd98e2ecd22fe41b085002c9cdf1b1e1f8c2dc931f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 76691
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e943c000005b7982c1000000001
x-request-id: 5b24af86-cc5c-43a3-b41a-95004668e361
x-runtime: 0.003056
server: cloudflare
etag: W/"29ec20506c9a93aaf3444bd98e2ecd22fe41b085002c9cdf1b1e1f8c2dc931f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd339cc105b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 icon_email_orange.svg
www.talosintelligence.com/assets/ 839 B
902 B 31ms
25ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_email_orange.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f352db86262c5cbe0af82f15f00b097c7bb8fae116d50cd615540970f03b3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81716
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e943c000005b78e88a000000001
x-request-id: d3dfd493-8bd7-47af-b953-63f08a6e6220
x-runtime: 0.003025
server: cloudflare
etag: W/"3f352db86262c5cbe0af82f15f00b097c7bb8fae116d50cd615540970f03b3da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd339cc405b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29

200

comment-iframe.g Show response
www.blogger.com/ Frame 6BA6
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D1029833275466591797%26postID%3D7666782930518017442%26blogspotRpcToken%3D748363%26bpli%3D1&followu...
https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1

5 KB
2 KB

169ms
168ms

Document
text/html

2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/1706263374-comment_from_post_iframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e66d6d2d9a266366bce410f850d3c135adb4ff00cc684e3b11e0cc5936789373

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.talosintelligence.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 May 2021 08:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1748
server: GSE
set-cookie: S=blogger=bZw8FBgUFXwMNM5TcIsubFEpPI_3AM2eJ6vNuPeDmJ8; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 May 2021 08:44:05 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-Cky6NOifEppq/yebC7bxmA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 258
server: GSE
set-cookie: __Host-GAPS=1:vbKvxDSm-S8D_1M6KjQuNRluEpHszg:ETqfhh4ErAAX6_IA;Path=/;Expires=Thu, 18-May-2023 08:44:05 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 112ms
110ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1029833275466591797&zx=4e7cabbe-5909-4cb9-8ad3-d179fcac907f

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 08:44:05 GMT
server: GSE
date: Tue, 18 May 2021 08:44:05 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 icon_search.svg
www.talosintelligence.com/assets/ 1 KB
1 KB 34ms
32ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_search.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ec2e33c88eec72d7050b474be41d3e79282421602d9120efc96d620b911c60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81716
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e943d000005b7d417f000000001
x-request-id: 064d0613-272f-4a8a-ae4b-7c0a47be17fe
x-runtime: 0.002766
server: cloudflare
etag: W/"1ec2e33c88eec72d7050b474be41d3e79282421602d9120efc96d620b911c60e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd339cc705b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 footer_icon_tw.svg
www.talosintelligence.com/assets/ 1 KB
1 KB 32ms
31ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/footer_icon_tw.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc0e96790d3264696a88a27c94294f32187c98547bcc5f0aaa422f8ddfb69dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 76690
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9455000005b7ef302000000001
x-request-id: df77a6d6-4506-420b-a38e-4aebc36b7e61
x-runtime: 0.003501
server: cloudflare
etag: W/"bc0e96790d3264696a88a27c94294f32187c98547bcc5f0aaa422f8ddfb69dd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd33bd3e05b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 footer_icon_yt.svg
www.talosintelligence.com/assets/ 1 KB
1 KB 32ms
31ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/footer_icon_yt.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b812952e2ecbdd529f7423a246bca7bdba383e2bb484730a7895dc884e87446c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 76690
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9458000005b7a1a2f000000001
x-request-id: f1d26896-0d04-48ad-a057-a4d42cf950fe
x-runtime: 0.003130
server: cloudflare
etag: W/"b812952e2ecbdd529f7423a246bca7bdba383e2bb484730a7895dc884e87446c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd33bd4305b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 footer_icon_li.svg
www.talosintelligence.com/assets/ 1013 B
1 KB 33ms
32ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/footer_icon_li.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd0ddcd91a27b1c50c11176142adcf7f1f7bd4ab581b1f04518f681674889461

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81716
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9455000005b7eb92c000000001
x-request-id: 842f50b9-535f-4dfe-9f73-bdfece9baacd
x-runtime: 0.002598
server: cloudflare
etag: W/"bd0ddcd91a27b1c50c11176142adcf7f1f7bd4ab581b1f04518f681674889461"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd33bd4405b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 logo_cisco_grey.svg
www.talosintelligence.com/assets/ 7 KB
3 KB 33ms
32ms Image
image/svg+xml 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/logo_cisco_grey.svg

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26f5ea290915effad3bcafe2acabaad611aefc3a6ecee6fa50322de01686545c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81716
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9456000005b7c03c0000000001
x-request-id: 6d6a632e-ba2c-411e-9205-855a89c52a66
x-runtime: 0.002912
server: cloudflare
etag: W/"26f5ea290915effad3bcafe2acabaad611aefc3a6ecee6fa50322de01686545c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 6513cd33bd4505b7-FRA
expires: Wed, 19 May 2021 08:44:05 GMT

GET
H3-29 200 cookienotice.js Show response
blog.talosintelligence.com/js/ 6 KB
2 KB 35ms
33ms Script
text/javascript 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.talosintelligence.com/js/cookienotice.js

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blog.talosintelligence.com
referer: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 356152
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a203e9456000005b7a69f2000000001
last-modified: Thu, 13 May 2021 21:16:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
x-xss-protection: 0
cache-control: public, max-age=604800
cf-ray: 6513cd33bd4905b7-FRA
expires: Tue, 25 May 2021 08:44:05 GMT

GET
H3-29 200 75914390-widgets.js Show response
www.blogger.com/static/v1/widgets/ 145 KB
145 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/75914390-widgets.js

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c733c892b5b0c222708477ba428d1838215af99ef8b04c5934c8a32d07fe82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:35:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 01:17:42 GMT
server: sffe
age: 457714
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148194
x-xss-protection: 0
expires: Fri, 13 May 2022 01:35:31 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 28ms
27ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01792efdc4db0e623b6502a69343d848522937f3fd8caa95ebfa1f403fa13808

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 21:46:11 GMT
server: cloudflare
etag: W/"89decaaa-7498-4eb6-ad31-b36c5f88ec19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6513cd33bea163fb-FRA
cf-request-id: 0a203e9455000063fb2c9c3000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1033
date: Tue, 18 May 2021 08:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 18 May 2021 10:26:52 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=652178805&t=pageview&_s=1&dl=https%3A%2F%2Fblog.talosintelligence.com%2F2021%2F05%2Ftransparent-tribe-infra-and-targeting.html&ul=en-us&de=UTF-8&dt=Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence%3A%20Transparent%20Tribe%20APT%20expands%20its%20Windows%20malware%20arsenal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=185451718&gjid=274935419&cid=1597965766.1621327445&tid=UA-30016562-3&_gid=1126719495.1621327445&_r=1&_slc=1&z=1292160252

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 May 2021 08:44:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.talosintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK CircularSpUIv3T-Bold.8d0a45cc.woff2
open.scdn.co/cdn/fonts/ Frame F973 71 KB
72 KB 23ms
6ms Font
application/octet-stream 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/CircularSpUIv3T-Bold.8d0a45cc.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 897cda707d438f8d6b6b92cfcb2c1fd2035ff59f5f0c5b9943d2f04d411f7fda

Request headers

Origin: https://open.spotify.com
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 08:44:05 GMT
Last-Modified: Mon, 15 Mar 2021 18:32:45 GMT
Age: 5490928
ETag: "c147cc237b8b07e0a8875dfbbe857b29"
X-Served-By: cache-ord1722-ORD, cache-hhn11571-HHN
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 72840
X-Cache-Hits: 1, 877367

GET
H/1.1 200
OK spoticon_regular_2.d319d911.woff2
open.scdn.co/cdn/fonts/ Frame F973 56 KB
56 KB 22ms
6ms Font
application/octet-stream 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/spoticon_regular_2.d319d911.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1

Request headers

Origin: https://open.spotify.com
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 08:44:05 GMT
Last-Modified: Thu, 25 Feb 2021 09:21:47 GMT
Age: 7078264
ETag: "3b7bbfac9ed3e75d426728e900579aa9"
X-Served-By: cache-ord1735-ORD, cache-hhn11555-HHN
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 56996
X-Cache-Hits: 1, 364795

GET
H/1.1 200
OK vendor~embed-podcast.42279b3b.js Show response
open.scdn.co/cdn/build/embed-podcast/ Frame F973 2 MB
477 KB 21ms
6ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.42279b3b.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ced3a98cbbf1081607dfdc0f78cd696fcc3f22292fe03ad6177fa02e4e75193a

Request headers

Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 08:44:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 May 2021 17:17:42 GMT
Age: 55421
ETag: "49dc09fa24d5b065b99cf026cf6480e0"
X-Served-By: cache-ord1745-ORD, cache-hhn11539-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 487475
X-Cache-Hits: 1, 7510

GET
H/1.1 200
OK embed-podcast.b557c8b4.js Show response
open.scdn.co/cdn/build/embed-podcast/ Frame F973 221 KB
53 KB 21ms
7ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed-podcast/embed-podcast.b557c8b4.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b4b5dffaf6cd0b3c562f6515b117a5086de99beac194b2dc020dba9bba6b16ff

Request headers

Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 08:44:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 May 2021 08:10:43 GMT
Age: 1891
ETag: "aad09f6aac6bb5047fc12a42766ee1a1"
X-Served-By: cache-ord1731-ORD, cache-hhn11523-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 53606
X-Cache-Hits: 1, 576

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-30016562-3&cid=1597965766.1621327445&jid=185451718&gjid=274935419&_gid=1126719495.1621327445&_u=IEBAAEAAAAAAAC~&z=561754484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 18 May 2021 08:44:05 GMT
content-type: text/plain
access-control-allow-origin: https://blog.talosintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 01abd976210dac70919c813572504190990b83e3
i.scdn.co/image/ Frame F973 43 KB
44 KB 23ms
7ms Image
image/jpeg 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/01abd976210dac70919c813572504190990b83e3
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: defad1aec727564ae5a7da3ed815d0f1ad02152d3c8323ed8fee2d91d10acc4b

Request headers

Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 08:44:05 GMT
Last-Modified: Mon, 03 Feb 2020 19:27:31 GMT
Age: 422110
ETag: "6f6a75fdc41bd564955677ccbde166bd"
X-Served-By: cache-ord1729-ORD, cache-hhn11554-HHN
X-Cache: HIT, HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 44427
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK CircularSpUIv3T-Book.3466e0ec.woff2
open.scdn.co/cdn/fonts/ Frame F973 67 KB
68 KB 7ms
6ms Font
application/octet-stream 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/CircularSpUIv3T-Book.3466e0ec.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1e9022d2e68559c3306657470dc8b02a28508564a67a45d70012205aca3eba47

Request headers

Origin: https://open.spotify.com
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 08:44:05 GMT
Last-Modified: Thu, 17 Dec 2020 03:54:22 GMT
Age: 13140292
ETag: "6ff898ba447ac00bc6e457d25bcb0be8"
X-Served-By: cache-ord1742-ORD, cache-hhn11571-HHN
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 68852
X-Cache-Hits: 1, 540849

POST
H/1.1 200
OK / Show response
o22381.ingest.sentry.io/api/1409086/envelope/ Frame F973 2 B
406 B 466ms
116ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.42279b3b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 18 May 2021 08:44:05 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 / Show response
apresolve.spotify.com/ Frame F973 205 B
226 B 27ms
14ms Fetch
application/json 2600:1901:0:524d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by: Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.42279b3b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 73a6efa78dbb65b989a88308a2138fb08422feb16e86371ab956a76b7e00edca

Request headers

Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
alt-svc: clear
content-length: 98
via: 1.1 google

GET
H2 200 get_access_token Show response
open.spotify.com/ Frame F973 188 B
426 B 28ms
27ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/get_access_token?reason=transport&productType=embed_podcast

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.42279b3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

a689cf498a6a7b8dc39c3dd243cb1a0037129b133aae1fa12f52c3153b9b6b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://open.spotify.com/embed-podcast/episode/7DqBSPHYlnhsNb2Kr1WXI5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
spotify-request-id: 428d8009-dded-4a50-91c9-42fc244d55cb
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
via: HTTP/2 edgeproxy, 1.1 google
vary: Accept-Encoding,Accept-Encoding
alt-svc: clear
server: envoy

OPTIONS
H2 200 events
gew-spclient.spotify.com/gabo-receiver-service/v3/ Frame 0
0 32ms
17ms Preflight 2600:1901:1:64a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew-spclient.spotify.com/gabo-receiver-service/v3/events

Protocol

Server

2600:1901:1:64a:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 18 May 2021 08:44:05 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

POST
H2 200 events Show response
gew-spclient.spotify.com/gabo-receiver-service/v3/ Frame F973 13 B
139 B 212ms
212ms Fetch
application/json 2600:1901:1:64a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew-spclient.spotify.com/gabo-receiver-service/v3/events

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.42279b3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:64a:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://open.spotify.com/
authorization: Bearer BQDowTfcrWbcRT8kguJCoxNHDbT8J-goN0gqVuQ6HuxX52mcL1O2Tr3XwUQMsDnoXlRU8-W_JTV32KxwjDQ
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Tue, 18 May 2021 08:44:05 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

GET
H3-29 200 2621646369-cmtfp.css
www.blogger.com/static/v1/v-css/ Frame 6BA6 13 KB
13 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2529a8451bea93302e41dc0fad03f7550094f4ef5ec4f3800f28c2639d5e2789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:30:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:15:39 GMT
server: sffe
age: 425641
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
expires: Fri, 13 May 2022 10:30:04 GMT

GET
H3-29 200 2475017415-cmt.js Show response
www.blogger.com/static/v1/jsbin/ Frame 6BA6 91 KB
91 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/2475017415-cmt.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80dab1233ac272c17ef142797409de5ed066aec94f70706f6fa0af7315a17bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 02:18:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 13:14:01 GMT
server: sffe
age: 23118
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92723
x-xss-protection: 0
expires: Wed, 18 May 2022 02:18:47 GMT

GET
H3-29 200 blank.gif
resources.blogblog.com/img/ Frame 6BA6 43 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/blank.gif

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 00:23:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 21:40:10 GMT
server: sffe
age: 30024
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Tue, 25 May 2021 00:23:42 GMT

GET
H2 200 XEkuV_KLMWD5Al97iCmkDgjGab_rX-gE6bZrQzRSZUo.js Show response
www.google.com/js/bg/ Frame 6BA6 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/XEkuV_KLMWD5Al97iCmkDgjGab_rX-gE6bZrQzRSZUo.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c492e57f28b3160f9025f7b8829a40e08c669bfeb5fe804e9b66b433452654a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 16:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 11:00:00 GMT
server: sffe
age: 56817
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Tue, 17 May 2022 16:57:09 GMT

GET
H3-29 200 comment-iframe-bg.g Show response
www.blogger.com/ Frame 6BA6 10 KB
8 KB 114ms
113ms XHR
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=XEkuV_KLMWD5Al97iCmkDgjGab_rX-gE6bZrQzRSZUo

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/2475017415-cmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d4a9fef440aa8631741de559d53474c1c93ef64f1e1594c92b2d7fe1a15e3be

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=7666782930518017442&blogspotRpcToken=748363&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
date: Tue, 18 May 2021 08:44:06 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8119
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 anon36.png
resources.blogblog.com/img/ Frame 6BA6 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/anon36.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 01:25:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 14:11:07 GMT
server: sffe
age: 26287
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1654
x-xss-protection: 0
expires: Tue, 25 May 2021 01:25:59 GMT

POST
H3-29 200 rum Show response
blog.talosintelligence.com/cdn-cgi/ 0
173 B 12ms
12ms XHR
text/plain 2606:4700::6812:c73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.talosintelligence.com/cdn-cgi/rum?req_id=6513cd314f111772

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://blog.talosintelligence.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: _ga=GA1.2.1597965766.1621327445; _gid=GA1.2.1126719495.1621327445; _gat=1
content-length: 15652
:path: /cdn-cgi/rum?req_id=6513cd314f111772
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: blog.talosintelligence.com
referer: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Tue, 18 May 2021 08:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://blog.talosintelligence.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6513cd39ba9a05b7-FRA
vary: Origin

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.spotify.com/	1970-01-19 18:23:33	Name: sp_landing Value: https%3A%2F%2Fopen.spotify.com%2Fembed-podcast%2Fepisode%2F7DqBSPHYlnhsNb2Kr1WXI5
.talosintelligence.com/	1970-01-19 18:22:07	Name: _gat Value: 1
.talosintelligence.com/	1970-01-19 18:23:33	Name: _gid Value: GA1.2.1126719495.1621327445
.blogger.com/	1969-12-31 23:59:59	Name: S Value: blogger=bZw8FBgUFXwMNM5TcIsubFEpPI_3AM2eJ6vNuPeDmJ8
.spotify.com/	1970-01-20 03:07:43	Name: sp_t Value: b9fa43c66a7860a53f09a9cd2bb94d8f
.talosintelligence.com/	1970-01-20 11:53:19	Name: _ga Value: GA1.2.1597965766.1621327445

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
accounts.google.com
apresolve.spotify.com
blog.talosintelligence.com
fonts.googleapis.com
fonts.gstatic.com
gew-spclient.spotify.com
i.scdn.co
img2.blogblog.com
o22381.ingest.sentry.io
open.scdn.co
open.spotify.com
resources.blogblog.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.blogger.com
www.google-analytics.com
www.google.com
www.talosintelligence.com
2600:1901:0:524d::
2600:1901:1:64a::
2600:1901:1:c36::
2606:4700::6810:5e41
2606:4700::6811:3b4c
2606:4700::6812:c73a
2a00:1450:4001:802::2003
2a00:1450:4001:802::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:813::2009
2a00:1450:4001:828::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::2009
2a00:1450:400c:c0c::9c
2a04:4e42:62::760
35.188.42.15
01792efdc4db0e623b6502a69343d848522937f3fd8caa95ebfa1f403fa13808
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0500c837038a0e76f3cebee1377a80df53a86546add3a4e508a7f11d8afb7e45
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1179f7c2d10f3ea42022f84cca8cadf9cc17acb9d2e928c79961d753b5d89275
19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22
1e9022d2e68559c3306657470dc8b02a28508564a67a45d70012205aca3eba47
1ec2e33c88eec72d7050b474be41d3e79282421602d9120efc96d620b911c60e
20f0d21703a645a80b7eaf2db1fd6f67d6ffc3b2cc7655e4ee1a4947d4123773
22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6
2529a8451bea93302e41dc0fad03f7550094f4ef5ec4f3800f28c2639d5e2789
26f5ea290915effad3bcafe2acabaad611aefc3a6ecee6fa50322de01686545c
29ec20506c9a93aaf3444bd98e2ecd22fe41b085002c9cdf1b1e1f8c2dc931f8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f90eee6bf178d6c4d800444f2ece7695b3c0d5a15e1eaa6c00ea229c1f91e5f
2fc708a149338bc9e4af67790f9e19d88a8f9377d6021cf2a0134688162fbe79
30d97518efc27c375b5925ba5f87035273c38ea251424c7a10bec927995937cd
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
385207f20b5339c8de012b93c6a79e86a72ddbb98aa55390b3ab773aa6b76010
3f352db86262c5cbe0af82f15f00b097c7bb8fae116d50cd615540970f03b3da
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4db7e66a4c99c6455baf6b60033a91c65b32c636b2d94655d7882680598202d7
4f357179b3067abfb538e82da01bd7e49c093ff7f0ffe266dd567b30e600fd6e
5c492e57f28b3160f9025f7b8829a40e08c669bfeb5fe804e9b66b433452654a
5d4a9fef440aa8631741de559d53474c1c93ef64f1e1594c92b2d7fe1a15e3be
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70283e21b9766b5bdebdc08a89760b935fb99d8bf25695b9dbf8f74553783b0b
7207c40e773c4db6443285e83073752a89d6b0b138d6365e0552dea3cc4f8386
73a6efa78dbb65b989a88308a2138fb08422feb16e86371ab956a76b7e00edca
75e191bc50cee0e969ccb8dc501916695c4fb16919f5cdb4da6d4b7e0aac4d58
768b1698c212fb73544aef1db15025c5c9fa6d2d409870936edf02a87e39530a
784c7a163770aa20e46cb984eeffbded5e6d9d913d36c96da061fa8041749050
7b0c93ac0aae114510c15f0e7b1e4973ec408a5b480d3f39f43cd336bc640829
80dab1233ac272c17ef142797409de5ed066aec94f70706f6fa0af7315a17bbe
8596fa31e572f4f319150599761f0261bed3edf14a31bfe525395a507d6ac9d2
897cda707d438f8d6b6b92cfcb2c1fd2035ff59f5f0c5b9943d2f04d411f7fda
8c733c892b5b0c222708477ba428d1838215af99ef8b04c5934c8a32d07fe82f
8eb91515b33b4c717020c8f5c6ba4927b4b8dd018e697c2681f3dcda85d7591a
9192b16e06a3cd217ee3849187406406ffa7d21aa321ef2e992ad466bc5de869
a689cf498a6a7b8dc39c3dd243cb1a0037129b133aae1fa12f52c3153b9b6b14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0fb32319c8ca714cbddda23041581d8ebae13d6ad925913f5b26e1664d680d5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b5dffaf6cd0b3c562f6515b117a5086de99beac194b2dc020dba9bba6b16ff
b812952e2ecbdd529f7423a246bca7bdba383e2bb484730a7895dc884e87446c
ba5753dfae9cdac414e27b1b74973e9041d76173a44fe2151bdecc03e13599da
bc0e96790d3264696a88a27c94294f32187c98547bcc5f0aaa422f8ddfb69dd1
bd0ddcd91a27b1c50c11176142adcf7f1f7bd4ab581b1f04518f681674889461
c768d5a9bdb6c5ce9b4369da088ab5d26c1dffaad1abe212bf99868b6cfde668
c95c4d412dcab57d6c1788e3133cff83a2eb459c94bde0131e9ed0871039277c
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cb9b1260c780f395cf92d12a99df8dbef1fc7537a608a6806013ac7bc8373818
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ced3a98cbbf1081607dfdc0f78cd696fcc3f22292fe03ad6177fa02e4e75193a
cf55ba3b96089db93b4bd39967be8f2c908b00382937f8becb560f70bffa0ced
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1
d7992466071814c0f05beaa30522153589bb1c55d198944d3ad7f96763961f57
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
defad1aec727564ae5a7da3ed815d0f1ad02152d3c8323ed8fee2d91d10acc4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d2405df2a95c974d5c0771e3a45b2dea1a2c2824cf6a917a605bf4a967c86d
e66d6d2d9a266366bce410f850d3c135adb4ff00cc684e3b11e0cc5936789373
ea760d3d76b2a6da25e31dc630fcd0e2fe7be91e1a1938308410dfad0a5bbd16
f23e9081ad69daedd9c1e7c4cd22513ba3ac3160b3a032d55a307c91be730920

blog.talosintelligence.com Open in urlscan Pro 2606:4700::6811:3b4c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

95 %IPv6

13 Domains

19 Subdomains

18 IPs

3 Countries

4214 kBTransfer

5975 kBSize

6 Cookies

84 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.talosintelligence.com Open in urlscan Pro
2606:4700::6811:3b4c Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

95 %
IPv6

13
Domains

19
Subdomains

18
IPs

3
Countries

4214 kB
Transfer

5975 kB
Size

6
Cookies

67 HTTP transactions
0 data transactions