threatresearch.ext.hp.com Open in urlscan Pro
192.124.249.59 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatresearch.ext.hp.com/detecting-ta551-domains/
Submission: On December 15 via api (December 15th 2021, 9:22:52 pm UTC) from US — Scanned from DE

Summary HTTP 178 Redirects Links 207 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 178 HTTP transactions. The main IP is 192.124.249.59, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is threatresearch.ext.hp.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 15th 2021. Valid for: a year.

This is the only time threatresearch.ext.hp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
131	192.124.249.59 192.124.249.59	30148 (SUCURI-SEC) (SUCURI-SEC)
2 14	104.121.152.52 104.121.152.52	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:fb:... 2a02:26f0:fb::5f64:9952	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	104.121.173.167 104.121.173.167	16625 (AKAMAI-AS) (AKAMAI-AS)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	15.73.192.108 15.73.192.108	11680 (CPQ-ALF-IOMC) (CPQ-ALF-IOMC)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c25c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:df:... 2a02:26f0:df:69f::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
178	17

131 192.124.249.59 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10059.sucuri.net

threatresearch.ext.hp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.121.152.52 (Munich, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-121-152-52.deploy.static.akamaitechnologies.com

www8.hp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:fb::5f64:9952 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.hp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.121.173.167 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-121-173-167.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.73.192.108 (United States)

ASN11680 (CPQ-ALF-IOMC, US)
PTR: compaq.my

hp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c25c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

497-itq-712.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:df:69f::19fd (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
149	hp.com 2 redirects threatresearch.ext.hp.com www8.hp.com www.hp.com hp.com	8 MB
7	cookielaw.org cdn.cookielaw.org	139 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	googletagmanager.com www.googletagmanager.com	201 KB
3	bizible.com cdn.bizible.com	32 KB
3	marketo.net munchkin.marketo.net	7 KB
2	typekit.net use.typekit.net p.typekit.net	1 KB
2	gstatic.com fonts.gstatic.com	40 KB
1	onetrust.com geolocation.onetrust.com	374 B
1	google.com www.google.com	501 B
1	mktoresp.com 497-itq-712.mktoresp.com	311 B
1	doubleclick.net stats.g.doubleclick.net	446 B
1	bizibly.com cdn.bizibly.com	203 B
1	googleapis.com fonts.googleapis.com	1 KB
178	14

	Domain	Requested by
131	threatresearch.ext.hp.com	threatresearch.ext.hp.com
14	www8.hp.com	2 redirects threatresearch.ext.hp.com www8.hp.com
7	cdn.cookielaw.org	www.hp.com cdn.bizible.com cdn.cookielaw.org
4	www.google-analytics.com	www.googletagmanager.com cdn.bizible.com threatresearch.ext.hp.com
4	www.googletagmanager.com	threatresearch.ext.hp.com www.googletagmanager.com
3	cdn.bizible.com	threatresearch.ext.hp.com cdn.bizible.com
3	munchkin.marketo.net	threatresearch.ext.hp.com munchkin.marketo.net
3	www.hp.com	threatresearch.ext.hp.com www8.hp.com
2	fonts.gstatic.com	threatresearch.ext.hp.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.google.com	threatresearch.ext.hp.com
1	p.typekit.net	use.typekit.net
1	497-itq-712.mktoresp.com	munchkin.marketo.net
1	stats.g.doubleclick.net	cdn.bizible.com
1	use.typekit.net	www8.hp.com
1	cdn.bizibly.com	threatresearch.ext.hp.com
1	hp.com	threatresearch.ext.hp.com
1	fonts.googleapis.com	threatresearch.ext.hp.com
178	18

This site contains links to these domains. Also see Links.

Domain
www.hp.com
www.omen.com
h20429.www2.hp.com
support.hp.com
h30434.www3.hp.com
instantink.hpconnected.com
parts.hp.com
register.hp.com
twitter.com
www.linkedin.com
www.facebook.com
apt.thaicert.or.th
unit42.paloaltonetworks.com
hp.com
docs.microsoft.com
attack.mitre.org
github.com
www.virustotal.com
www8.hp.com
jobs.hp.com
investor.hp.com
press.hp.com
garage.hp.com
locator.hp.com
h20212.www2.hp.com
www.hpsalescentral.com
partner.hp.com
developers.hp.com
www.youtube.com
h20195.www2.hp.com
www.onetrust.com

Subject Issuer	Validity	Valid
threatresearch.ext.hp.com Starfield Secure Certificate Authority - G2	`2021-03-15` - `2022-03-15`	a year	crt.sh
www8.hp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-25` - `2022-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
hp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-04-28` - `2022-05-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
www.hp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://threatresearch.ext.hp.com/detecting-ta551-domains/
Frame ID: 8008A6A28055819E821E92C5A3B528FA
Requests: 178 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detecting TA551 domains | HP Wolf SecurityBack ButtonFilter Button

Page Statistics

178
Requests

99 %
HTTPS

65 %
IPv6

14
Domains

18
Subdomains

17
IPs

4
Countries

8805 kB
Transfer

13863 kB
Size

19
Cookies

207 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hp.com/us-en/home.html

Search URL Search Domain Scan URL

URL: https://www.hp.com/webapp/wcs/stores/servlet/AjaxOrderItemDisplayView?langId=-1&catalogId=10051&storeId=10151

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/printers/hp-plus.html
Title: HP+ smart printing system

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/printers/instant-ink.html
Title: Instant Ink

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/printers/printandplay.html
Title: Print, play, learn

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/laptops/premium-high-performance-laptops.html
Title: Latest home laptops

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/vr/vr-products.html
Title: VR

Search URL Search Domain Scan URL

URL: https://www.omen.com/us/en.html
Title: Gaming

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/pavilion.html
Title: School

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/envy/envy-laptop.html
Title: Everyday

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/laptops/high-performance-laptop-computers.html
Title: Premium

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/desktops-computers.html
Title: Home desktops and All-in-Ones

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/chrome/chrome-family.html
Title: Chromebooks & Chromebase All-in-Ones

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/laptops/business-laptops-and-2-in-1s.html
Title: Business laptops

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/desktops/business-desktops.html
Title: Business desktops

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/workstations/workstation-pcs.html
Title: Z Workstations

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/monitors-accessories/computer-monitors.html
Title: Monitors

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/cartridge/ink-toner-paper.html
Title: Ink, toner & papers

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/printers/home-printers.html
Title: Home printers

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/printers/business-printers.html
Title: Home office & Business printers

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/printers/enterprise-printers.html
Title: Enterprise printers

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/printers/scanners.html
Title: Scanners

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/commercial-printers/graphic-arts.html
Title: Large-format printers

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/industrial-digital-presses.html
Title: Industrial presses

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/specialty-printing-solutions.html
Title: Specialty printing solutions

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/services/managed-print-services.html
Title: Managed print services

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/printers/3d-printers.html
Title: 3D print & digital manufacturing

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/security/endpoint-security-solutions.html
Title: Security

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/solutions/presence.html
Title: Collaboration

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/solutions/industries.html
Title: Industry solutions

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/services.html
Title: HP Services

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/solutions/business-solutions.html
Title: Explore all

Search URL Search Domain Scan URL

URL: https://h20429.www2.hp.com/HP2B/landingpages/US_Public_Sector.html
Title: Public sector purchasing

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/solutions/pos-systems.html#All-in-OneSystems
Title: Retail solutions

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop
Title: HP.com store

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cat/ink--toner---paper
Title: Ink & toner cartridges

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cv/instantink
Title: Instant Ink

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/slp/weekly-deals
Title: Weekly Deals

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cat/business-solutions
Title: Business store

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cv/hp-education
Title: University student discounts

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cv/hp-business-club
Title: Business discounts

Search URL Search Domain Scan URL

URL: https://www.hp.com/webapp/wcs/stores/servlet/MyAccountOrderStatusView?catalogId=10051&langId=-1&storeId=10151&krypto=7GuY4YJJvZeu0wI0CGjE%2Bw%3D%3D&ddkey=http:MyAccountOrderStatusView
Title: Track your order

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cat/laptops
Title: Laptops

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cat/desktops
Title: Desktops

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/slp/hp-gaming
Title: Gaming PCs

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/vwa/business-solutions/availability=In-Stock;bizcat=Laptop
Title: Business laptops

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/mlp/business-solutions/desktops-and-workstations
Title: Business desktops

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/mlp/business-solutions/workstations
Title: Z Workstations

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cv/hp-chromebooks
Title: Chromebooks

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cv/printers
Title: Printers

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/vwa/printers/prnttyp=Laser;availability=In-Stock
Title: Laser printers

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/vwa/printers/segm=Home,Home-and-home-office
Title: Home & home office printers

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/slp/designjet-plotter-printers
Title: Large format plotter printers

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/slp/hp-plus-printers/hp-plus
Title: HP+

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/vwa/ink--toner---paper/availability=In-Stock;papertyp=Inkjet-Photo-Paper,Large-Format-Paper,Multipurpose-Paper-for-Inkjet-and-Laser,Laser-Brochure-and-Presentation-Paper,Ink-and-Paper-Value-Packs,Inkjet-Brochure-and-Presentation-Paper,Laser-Everyday-Paper,Inkjet-Everyday-Paper
Title: Paper

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cv/accessories
Title: Accessories

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/plp/accessories/computer-monitors&availability=in-stock
Title: Monitors

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/plp/accessories/computer-input-devices&availability=in-stock
Title: Mice & keyboards

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/plp/accessories/office-accessories&availability=in-stock&type=docking-stations
Title: Docking stations

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/plp/accessories/hp-laptop-charger-and-adapter&availability=in-stock
Title: Chargers & adapters

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/plp/accessories/computer-software&availability=in-stock
Title: Software

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cat/care-packs-88343--1
Title: Care Packs

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en
Title: Support & troubleshooting

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/drivers
Title: Software & drivers

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/topic/diagnostics
Title: Diagnostic tools

Search URL Search Domain Scan URL

URL: https://h30434.www3.hp.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/topic/windows-10-support-center
Title: Windows 10 support center

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/printer
Title: Printing

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/computer
Title: Computing

Search URL Search Domain Scan URL

URL: https://instantink.hpconnected.com/us/en/l/
Title: Instant Ink

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/products
Title: Other Products

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/contact-hp/contact.html
Title: Contact us

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/checkwarranty
Title: Check warranty

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/service-center
Title: Authorized service providers

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/security-bulletins
Title: Security bulletin archive

Search URL Search Domain Scan URL

URL: https://parts.hp.com/hpparts/default.aspx?cc=US&lang=EN
Title: Parts store

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/services/consumer/services-overview.html
Title: Consumer services

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/solutions/business-solutions/services.html
Title: Business services

Search URL Search Domain Scan URL

URL: https://register.hp.com/americas/flowPage/registration/index.do?execution=e1s1&cc=US&lang=en
Title: Product registration

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://threatresearch.ext.hp.com/detecting-ta551-domains/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https://threatresearch.ext.hp.com/detecting-ta551-domains/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://threatresearch.ext.hp.com/detecting-ta551-domains/

Search URL Search Domain Scan URL

URL: https://apt.thaicert.or.th/cgi-bin/showcard.cgi?g=TA551%2C%20Shathak&n=1
Title: TA551

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/valak-evolution/
Title: Palo Alto Networks

Search URL Search Domain Scan URL

URL: https://hp.com/wolf
Title: HP Wolf Security

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/office/vba/language/reference/user-interface-help/strreverse-function
Title: StrReverse function

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1566/001/
Title: email with the malicious attachment

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1218/005/
Title: mshta.exe

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1218/010/
Title: regsvr32.exe

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1036/
Title: file type masquerading

Search URL Search Domain Scan URL

URL: https://github.com/pan-unit42/iocs/tree/master/TA551
Title: public IOCs published by Palo Alto Networks

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/domain/fhnz798comic.com/relations
Title: domain used on 30 November

Search URL Search Domain Scan URL

URL: https://github.com/hpthreatresearch/iocs/tree/main/TA551
Title: GitHub repository

Search URL Search Domain Scan URL

URL: https://www8.hp.com/lamerica_nsc_cnt_amer/es/home.html
Title: América Central

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ar/es/home.html
Title: Argentina

Search URL Search Domain Scan URL

URL: https://www8.hp.com/bo/es/home.html
Title: Bolivia

Search URL Search Domain Scan URL

URL: https://www8.hp.com/br/pt/home.html
Title: Brasil

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ca/en/home.html
Title: Canada

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ca/fr/home.html
Title: Canada - Français

Search URL Search Domain Scan URL

URL: https://www8.hp.com/lamerica_nsc_carib/en/home.html
Title: Caribbean

Search URL Search Domain Scan URL

URL: https://www8.hp.com/cl/es/home.html
Title: Chile

Search URL Search Domain Scan URL

URL: https://www8.hp.com/co/es/home.html
Title: Colombia

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ec/es/home.html
Title: Ecuador

Search URL Search Domain Scan URL

URL: https://www8.hp.com/mx/es/home.html
Title: México

Search URL Search Domain Scan URL

URL: https://www8.hp.com/py/es/home.html
Title: Paraguay

Search URL Search Domain Scan URL

URL: https://www8.hp.com/pe/es/home.html
Title: Perú

Search URL Search Domain Scan URL

URL: https://www8.hp.com/pr/es/home.html
Title: Puerto Rico

Search URL Search Domain Scan URL

URL: https://www8.hp.com/us/en/home.html
Title: United States

Search URL Search Domain Scan URL

URL: https://www8.hp.com/uy/es/home.html
Title: Uruguay

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ve/es/home.html
Title: Venezuela

Search URL Search Domain Scan URL

URL: https://www8.hp.com/asia_pac/en/default.html
Title: Asia Pacific

Search URL Search Domain Scan URL

URL: https://www8.hp.com/au/en/home.html
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.hp.com/bd-en/home.html
Title: Bangladesh

Search URL Search Domain Scan URL

URL: https://www8.hp.com/hk/en/home.html
Title: Hong Kong SAR

Search URL Search Domain Scan URL

URL: https://www8.hp.com/in/en/home.html
Title: India

Search URL Search Domain Scan URL

URL: https://www8.hp.com/id/en/home.html
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://www8.hp.com/my/en/home.html
Title: Malaysia

Search URL Search Domain Scan URL

URL: https://www8.hp.com/nz/en/home.html
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ph/en/home.html
Title: Philippines

Search URL Search Domain Scan URL

URL: https://www8.hp.com/sg/en/home.html
Title: Singapore

Search URL Search Domain Scan URL

URL: https://www.hp.com/lk-en/home.html
Title: Sri Lanka

Search URL Search Domain Scan URL

URL: https://www8.hp.com/vn/en/home.html
Title: Việt Nam

Search URL Search Domain Scan URL

URL: https://www8.hp.com/th/en/home.html
Title: ไทย

Search URL Search Domain Scan URL

URL: https://www8.hp.com/cn/zh/home.html
Title: 中华人民共和国

Search URL Search Domain Scan URL

URL: https://www8.hp.com/hk/zh/home.html
Title: 中國香港 - 繁體中文

Search URL Search Domain Scan URL

URL: https://www8.hp.com/tw/zh/home.html
Title: 臺灣地區

Search URL Search Domain Scan URL

URL: https://www8.hp.com/jp/ja/home.html
Title: 日本

Search URL Search Domain Scan URL

URL: https://www8.hp.com/kr/ko/home.html
Title: 한국

Search URL Search Domain Scan URL

URL: https://www8.hp.com/emea_africa/en/home.html
Title: Africa

Search URL Search Domain Scan URL

URL: https://www8.hp.com/emea_africa/fr/home.html
Title: Afrique

Search URL Search Domain Scan URL

URL: https://www8.hp.com/be/nl/home.html
Title: België

Search URL Search Domain Scan URL

URL: https://www8.hp.com/be/fr/home.html
Title: Belgique

Search URL Search Domain Scan URL

URL: https://www8.hp.com/cz/cs/home.html
Title: Česká republika

Search URL Search Domain Scan URL

URL: https://www8.hp.com/dk/da/home.html
Title: Danmark

Search URL Search Domain Scan URL

URL: https://www8.hp.com/de/de/home.html
Title: Deutschland

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ee/et/home.html
Title: Eesti

Search URL Search Domain Scan URL

URL: https://www8.hp.com/es/es/home.html
Title: España

Search URL Search Domain Scan URL

URL: https://www8.hp.com/fr/fr/home.html
Title: France

Search URL Search Domain Scan URL

URL: https://www8.hp.com/hr/hr/home.html
Title: Hrvatska

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ie/en/home.html
Title: Ireland

Search URL Search Domain Scan URL

URL: https://www8.hp.com/it/it/home.html
Title: Italia

Search URL Search Domain Scan URL

URL: https://www8.hp.com/lv/lv/home.html
Title: Latvija

Search URL Search Domain Scan URL

URL: https://www8.hp.com/lt/lt/home.html
Title: Lietuva

Search URL Search Domain Scan URL

URL: https://www8.hp.com/hu/hu/home.html
Title: Magyarország

Search URL Search Domain Scan URL

URL: https://www8.hp.com/emea_middle_east/en/home.html
Title: Middle East

Search URL Search Domain Scan URL

URL: https://www8.hp.com/nl/nl/home.html
Title: Nederland

Search URL Search Domain Scan URL

URL: https://www8.hp.com/no/no/home.html
Title: Norge

Search URL Search Domain Scan URL

URL: https://www8.hp.com/at/de/home.html
Title: Österreich

Search URL Search Domain Scan URL

URL: https://www8.hp.com/pl/pl/home.html
Title: Polska

Search URL Search Domain Scan URL

URL: https://www8.hp.com/pt/pt/home.html
Title: Portugal

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ro/ro/home.html
Title: România

Search URL Search Domain Scan URL

URL: https://www8.hp.com/sa/en/home.html
Title: Saudi Arabia

Search URL Search Domain Scan URL

URL: https://www8.hp.com/si/sl/home.html
Title: Slovenija

Search URL Search Domain Scan URL

URL: https://www8.hp.com/sk/sk/home.html
Title: Slovensko

Search URL Search Domain Scan URL

URL: https://www8.hp.com/za/en/home.html
Title: South Africa

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ch/fr/home.html
Title: Suisse

Search URL Search Domain Scan URL

URL: https://www8.hp.com/fi/fi/home.html
Title: Suomi

Search URL Search Domain Scan URL

URL: https://www8.hp.com/se/sv/home.html
Title: Sverige

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ch/de/home.html
Title: Switzerland

Search URL Search Domain Scan URL

URL: https://www8.hp.com/tr/tr/home.html
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://www8.hp.com/uk/en/home.html
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www8.hp.com/gr/el/home.html
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://www8.hp.com/by/ru/home.html
Title: Беларусь

Search URL Search Domain Scan URL

URL: https://www8.hp.com/bg/bg/home.html
Title: България

Search URL Search Domain Scan URL

URL: https://www8.hp.com/kz/ru/home.html
Title: Казахстан

Search URL Search Domain Scan URL

URL: https://www8.hp.com/ru/ru/home.html
Title: Россия

Search URL Search Domain Scan URL

URL: https://www8.hp.com/rs/sr/home.html
Title: Србија

Search URL Search Domain Scan URL

URL: https://www.hp.com/ua-uk/home.html
Title: Україна

Search URL Search Domain Scan URL

URL: https://www8.hp.com/il/he/home.html
Title: ישראל

Search URL Search Domain Scan URL

URL: https://www8.hp.com/emea_middle_east/ar/home.html
Title: الشرق الأوسط

Search URL Search Domain Scan URL

URL: https://www8.hp.com/sa/ar/home.html
Title: المملكة العربية السعودية

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/hp-information.html
Title: About Us

Search URL Search Domain Scan URL

URL: https://jobs.hp.com/en-us/
Title: Careers

Search URL Search Domain Scan URL

URL: https://investor.hp.com/home/default.aspx
Title: Investor relations

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/hp-information/sustainable-impact.html
Title: Sustainable impact

Search URL Search Domain Scan URL

URL: https://press.hp.com/us/en.html
Title: Press center

Search URL Search Domain Scan URL

URL: https://garage.hp.com/us/en.html
Title: The Garage

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/contact-hp/shopping.html
Title: Call an HP rep

Search URL Search Domain Scan URL

URL: https://locator.hp.com/us/en/?ml___lang=en-US%20(1)&ml___region=us&ml___cont=US
Title: Find a reseller

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/hp-information/business-site/index.html
Title: Enterprise store

Search URL Search Domain Scan URL

URL: https://support.hp.com/us-en/
Title: Support

Search URL Search Domain Scan URL

URL: https://register.hp.com/apac/flowPage/registration/index.do?execution=e1s1&cc=us&lang=en
Title: Register your product

Search URL Search Domain Scan URL

URL: https://h20212.www2.hp.com/Cso_Status/CsoStatus.aspx?lc=en&cc=us
Title: Check repair status

Search URL Search Domain Scan URL

URL: https://www.hpsalescentral.com/#/training/training
Title: Training & certification

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/hpfraud-alert.html
Title: Fraud alert

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/security/cyber-security-center.html
Title: Security Center

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/solutions/hp-amplify-partner-program.html
Title: HP Amplify Partner Program

Search URL Search Domain Scan URL

URL: https://partner.hp.com/login
Title: HP Partner Portal

Search URL Search Domain Scan URL

URL: https://developers.hp.com/
Title: Developers

Search URL Search Domain Scan URL

URL: http://www.facebook.com/HP

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hp

Search URL Search Domain Scan URL

URL: https://twitter.com/HP

Search URL Search Domain Scan URL

URL: http://www.youtube.com/hp

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/hp-information/recalls.html
Title: Recalls

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/hp-information/environment/product-recycling.html
Title: Product recycling

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/hp-information/accessibility-aging/index.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://h20195.www2.hp.com/v2/GetDocument.aspx?docname=c05388050
Title: CA Supply Chains Act

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/sitemap.html
Title: Site Map

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/privacy/privacy-central.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/privacy/use-of-cookies.html
Title: Use of cookies

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/personal-data-rights.html
Title: Personal data rights

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/terms-of-use.html
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/privacy/limited_warranty.html
Title: Limited warranty statement

Search URL Search Domain Scan URL

URL: https://www.hp.com/us-en/shop/cv/termsandconditions?jumpid=re_r11662_redirect_ETR&ts=20151012014516_LIymYBM9Ho1W
Title: Terms & conditions of sales & service

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://www8.hp.com/us/en/privacy/privacy.html?pd4=1#=What_Data_We_Collect
Title: (What data we collect)

Search URL Search Domain Scan URL

URL: https://www8.hp.com/us/en/privacy/use-of-cookies.html
Title: Use of cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www8.hp.com/us/en/scripts/framework/jquery/v-1-8/jquery.js HTTP 301
https://www.hp.com/us-en/scripts/framework/jquery/v-1-8/jquery.js

Request Chain 1

https://www8.hp.com/us/en/scripts/framework/jquery/v-1-8/can.jquery.js HTTP 301
https://www.hp.com/us-en/scripts/framework/jquery/v-1-8/can.jquery.js

178 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
threatresearch.ext.hp.com/detecting-ta551-domains/ 1 MB
136 KB 3341ms
2357ms Document
text/html 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

0812e7587fc57a2cbb310774282b56d25147f34a92215839f5685911ad5466aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 15 Dec 2021 21:22:45 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 15009
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-cache-enabled: False
x-pingback: https://threatresearch.ext.hp.com/xmlrpc.php
link: <https://threatresearch.ext.hp.com/wp-json/>; rel="https://api.w.org/", <https://threatresearch.ext.hp.com/wp-json/wp/v2/posts/21621>; rel="alternate"; type="application/json", <https://threatresearch.ext.hp.com/?p=21621>; rel=shortlink
x-httpd: 1
access-control-allow-origin: *
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: W NC:000000 UP:SKIP_CACHE_SET_COOKIE
content-encoding: br
x-sucuri-cache: MISS

GET
H2

200

jquery.js Show response
www.hp.com/us-en/scripts/framework/jquery/v-1-8/
Redirect Chain

https://www8.hp.com/us/en/scripts/framework/jquery/v-1-8/jquery.js
https://www.hp.com/us-en/scripts/framework/jquery/v-1-8/jquery.js

141 KB
42 KB

410ms
58ms

Script
application/javascript

2a02:26f0:fb::5f64:9952
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hp.com/us-en/scripts/framework/jquery/v-1-8/jquery.js

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Server

2a02:26f0:fb::5f64:9952 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

4504ebe0b37dc30638127168ce5791579dc963de69c2e16f4d242af4ef22ce8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
akamai-grn: , 0.4e99645f.1639603366.1d1d80b3
strict-transport-security: max-age=600
content-length: 42952
last-modified: Wed, 28 Apr 2021 04:32:43 GMT
server: Apache
date: Wed, 15 Dec 2021 21:22:46 GMT
access-control-max-age: 3600
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin, Origin, X-Requested-With, Content-Type, Accept
expires: Thu, 16 Dec 2021 21:22:46 GMT

Redirect headers

location: https://www.hp.com/us-en/scripts/framework/jquery/v-1-8/jquery.js
pragma: no-cache
date: Wed, 15 Dec 2021 21:22:46 GMT
cache-control: max-age=0, no-cache, no-store
server: AkamaiGHost
content-length: 0
expires: Wed, 15 Dec 2021 21:22:46 GMT

GET
H2

200

can.jquery.js Show response
www.hp.com/us-en/scripts/framework/jquery/v-1-8/
Redirect Chain

https://www8.hp.com/us/en/scripts/framework/jquery/v-1-8/can.jquery.js
https://www.hp.com/us-en/scripts/framework/jquery/v-1-8/can.jquery.js

49 KB
16 KB

496ms
148ms

Script
application/javascript

2a02:26f0:fb::5f64:9952
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hp.com/us-en/scripts/framework/jquery/v-1-8/can.jquery.js

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Server

2a02:26f0:fb::5f64:9952 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

648edf9ae916dfcdee76440a254934829a87dc6d4e4cd7b8f23ded200cde2ebd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
akamai-grn: , , , 0.4e99645f.1639603366.1d1d80be
strict-transport-security: max-age=600
content-length: 15923
last-modified: Mon, 18 Oct 2021 07:33:11 GMT
server: Apache
date: Wed, 15 Dec 2021 21:22:46 GMT
access-control-max-age: 3600
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin, Origin, X-Requested-With, Content-Type, Accept
expires: Thu, 16 Dec 2021 21:22:46 GMT

Redirect headers

location: https://www.hp.com/us-en/scripts/framework/jquery/v-1-8/can.jquery.js
pragma: no-cache
date: Wed, 15 Dec 2021 21:22:46 GMT
cache-control: max-age=0, no-cache, no-store
server: AkamaiGHost
content-length: 0
expires: Wed, 15 Dec 2021 21:22:46 GMT

GET
H2 200 latest.r Show response
www8.hp.com/caas/header-footer/us/en/default/ 320 KB
24 KB 628ms
73ms Script
application/javascript 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/caas/header-footer/us/en/default/latest.r?contentType=js

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

1e8884b812a0a793a7f2ddba68172c2eb07561a283357cf1dcb6abb123216a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher2eastus2
date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 24208
last-modified: Tue, 14 Dec 2021 18:10:04 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "500a8-5d31f193ee749-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=506892
accept-ranges: bytes
expires: Tue, 21 Dec 2021 18:10:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 187ms
72ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197588716-1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4c1a28b558123a2b5d360e8c0fba3f7cb58ea5ccd964d922faf7de4ad71a2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37097
x-xss-protection: 0
expires: Wed, 15 Dec 2021 21:22:46 GMT

GET
H2 200 blocks.style.build.css
threatresearch.ext.hp.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 2 KB
1 KB 56ms
54ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

4834aa58000857ce42bdc4ae2322104fbbb5c0e96a7dbd4deab73900ae9d23a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 01:59:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"8a1-5ca80d536d39a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 layerslider.css
threatresearch.ext.hp.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/ 21 KB
4 KB 59ms
56ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.9

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

e0f987f16687328f1504bff870acba9b30333eff550220a7307f9fe7e73fb5d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"555a-5cefa18cf4dc7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 187ms
63ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

443fbb7859059f3f3646c43bc57d5fd0d0120327f3841c0ed37e921873ac5be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 20:13:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Dec 2021 21:22:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Dec 2021 21:22:45 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
threatresearch.ext.hp.com/wp-includes/js/mediaelement/ 11 KB
3 KB 62ms
57ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2bf8-5c127f5aab452"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.css
threatresearch.ext.hp.com/wp-includes/js/mediaelement/ 4 KB
1 KB 65ms
60ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Dec 2019 03:59:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"105a-599de5bea507f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 views-frontend.css
threatresearch.ext.hp.com/wp-content/plugins/wp-views/public/css/ 23 KB
4 KB 68ms
64ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wp-views/public/css/views-frontend.css?ver=3.6.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

d068841edda9bc2bc6e85dee475dc732a4632e2dc48000b616536fb5aaa4625d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:15:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5daf-5ccb2a5022c73"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
threatresearch.ext.hp.com/wp-content/plugins/ditty-news-ticker/inc/static/libs/fontastic/ 5 KB
1 KB 71ms
66ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/ditty-news-ticker/inc/static/libs/fontastic/styles.css?ver=2.3.12

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

578332cd14c1c8f1c9ea7cc966ca50ae73945b7de3055e07f06dc099d4feeee0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:18:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1421-5ccb2b08b67b9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
threatresearch.ext.hp.com/wp-content/plugins/ditty-news-ticker/inc/static/css/ 10 KB
2 KB 72ms
67ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/ditty-news-ticker/inc/static/css/style.css?ver=1632442721

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

e19a0e64789068d756a1b250084e54bb0ef77da66685e3dd9eafdc9a71ea1406

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:18:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2678-5ccb2b08b4878"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
threatresearch.ext.hp.com/wp-content/plugins/thumbs-rating/css/ 859 B
646 B 74ms
70ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/thumbs-rating/css/style.css?ver=4.0.3

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

ee991e02add6bbe26b55d521d8f83e94031eb9f9f636b30756d4e3fc09a3cff4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 02:10:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"35b-5c1271f2f1cab"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ult_marketo_forms-public.css
threatresearch.ext.hp.com/wp-content/plugins/ultimate-marketo-forms/public/css/ 35 B
465 B 74ms
70ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/ultimate-marketo-forms/public/css/ult_marketo_forms-public.css?ver=1.0.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

7a109bbaf31b60ea0c1182758f73e7e2050aeabc9d37913ebc0c72030a48cf23

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Dec 2018 17:45:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"23-57d3b59d188c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wonderplugin3dcarousel.css
threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-3dcarousel/engine/ 24 KB
2 KB 75ms
70ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-3dcarousel/engine/wonderplugin3dcarousel.css?ver=4.2C

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

62855a25508bf218a96a1179788320756ce0ae0346a586cca1fc5a6b5e7a4668

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 02:07:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"61f9-5ca80f13c50e2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wonderpluginsliderengine.css
threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-slider/engine/ 16 KB
1 KB 106ms
102ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderengine.css?ver=13.0C

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

c3ef28a4f156c353239b74328046126175c702be2d89b9a24c8527a8b53ee0e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"4039-5cef9f36b0c8a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/css/ 68 KB
9 KB 117ms
113ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.3

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

3e6acde1a483c1cfd05ef515b8a74523c2aa0c12e16d8ce04ae32275731d8782

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 01:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"111f7-5d105d1dd3f86"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flatpickr.min.css
threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 16 KB
3 KB 120ms
116ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.3

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 01:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3e52-5d105d1dd8da7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 select2.min.css
threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 122ms
119ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 01:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3a75-5d105d1dd4756"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
threatresearch.ext.hp.com/wp-content/plugins/social-warfare/assets/css/ 87 KB
10 KB 131ms
128ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.3.0

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

f975207e21041e251c165009f22311cc20b0acf1477d309fd62538beb50e0eb6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 01:59:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"15c19-5ca80d536bc29"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
threatresearch.ext.hp.com/wp-content/themes/Avada/ 505 B
708 B 135ms
132ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/style.css?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

5222d5b2ac9707fd616d1c3fe9e3e6feef28a8c4db471ed018debeaf87f55ccf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1f9-5cefa0ceb94cd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/css/ 81 KB
14 KB 144ms
141ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/css/style.min.css?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

e231a94b4ca4df6170ef81b5fed34e3bf6fbb32d1a94d4c441029c63e373b81c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"14260-5cefa0cebcf66"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 toolset-common-es-frontend.js Show response
threatresearch.ext.hp.com/wp-content/plugins/wp-views/vendor/toolset/common-es/public/ 4 KB
2 KB 65ms
46ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wp-views/vendor/toolset/common-es/public/toolset-common-es-frontend.js?ver=161000

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

7c356a9d56062296d80aaa7faa72446bedb5e783aa6a9c557e1efddaa6055258

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:15:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"10f5-5ccb2a5031ea8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/jquery/ 87 KB
30 KB 166ms
163ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 03:00:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"15db1-5ca81b05be81a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/jquery/ 11 KB
4 KB 65ms
46ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2bd8-5c127f5aa6e01"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 layerslider.utils.js Show response
threatresearch.ext.hp.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/ 120 KB
39 KB 66ms
47ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.9

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

f67eb60570b3cafc392cb473d3f7f2dc3ea0f0299f34d6efbdb2506433745516

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1e065-5cefa18cf5597"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 layerslider.kreaturamedia.jquery.js Show response
threatresearch.ext.hp.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/ 120 KB
44 KB 114ms
95ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.9

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

e0adb7430cf5745bf1d05eec5a8f8fc6985e6561b3437fcb43f84f55219c02b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1e11c-5cefa18cf5597"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 layerslider.transitions.js Show response
threatresearch.ext.hp.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/ 21 KB
3 KB 124ms
105ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.9

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

ef138d7fbd35f65650c0cc7812600026e6ddd9daf470e3e3d7699ccdce1b1642

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5513-5cefa18cf5597"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-gtag.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
3 KB 124ms
106ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.2.0

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 01:09:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2e81-5d105cf9b3418"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rbtools.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/revslider/public/assets/js/ 121 KB
45 KB 125ms
107ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.7

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:39:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1e4e6-5ccb2fb5d7ba9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rs6.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/revslider/public/assets/js/ 369 KB
90 KB 161ms
141ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.7

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

af8154b4747aed3f4ad58f3b3d69168bf81a701b0e2eb4d91799195183ad76c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:39:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5c5f6-5ccb2fb5d7ba9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 general.js Show response
threatresearch.ext.hp.com/wp-content/plugins/thumbs-rating/js/ 2 KB
1 KB 174ms
154ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/thumbs-rating/js/general.js?ver=4.0.3

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

0a3364d1f00ceab070910d588e47e47a584e60e0dc2b235270195f8bbf5a36d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 02:10:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6c2-5c1271f2f2c4c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 forms2.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/ultimate-marketo-forms/public/js/ 164 KB
54 KB 191ms
189ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/ultimate-marketo-forms/public/js/forms2.min.js?ver=1.0.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

de5ba330570616401d1840de0075059a65e62280b8d2524334be84290f43a4d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Dec 2018 17:45:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"29076-57d3b59d188c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ult_marketo_forms-public.js Show response
threatresearch.ext.hp.com/wp-content/plugins/ultimate-marketo-forms/public/js/ 2 KB
1 KB 216ms
214ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/ultimate-marketo-forms/public/js/ult_marketo_forms-public.js?ver=1.0.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

4463996b808a043a2091ce400b56adcdb7407264272e6d2e389075e143e1c901

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Dec 2018 17:45:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6fb-57d3b59d188c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 800ms
107ms Script
application/x-javascript 104.121.173.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js?ver=1.0.1
Requested by: Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.173.167 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-173-167.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:22:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 wp3dcarousellightbox.js Show response
threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-3dcarousel/engine/ 120 KB
24 KB 202ms
183ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-3dcarousel/engine/wp3dcarousellightbox.js?ver=4.2C

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

a1323bcfc774c0eca14adb6af88eac4bf5a2f4ab1779f49a427e04704395f086

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 02:07:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1df10-5ca80f13c4141"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wonderplugin3dcarousel.js Show response
threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-3dcarousel/engine/ 60 KB
11 KB 205ms
186ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-3dcarousel/engine/wonderplugin3dcarousel.js?ver=4.2C

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

568f1348a060326db6e1cf816b7beff8a5bf6ba2b57f3d11d58639ff969b6f3e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 02:07:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"f052-5ca80f13c5c9a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wonderpluginsliderskins.js Show response
threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-slider/engine/ 175 KB
7 KB 216ms
215ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderskins.js?ver=13.0C

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

0c54a2b60a83d5b02034550c173617b744d53f0ba29d5747425f80f359d107c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2bb6b-5cef9f36af902"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wonderpluginslider.js Show response
threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-slider/engine/ 317 KB
49 KB 216ms
215ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginslider.js?ver=13.0C

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

4e339691cd1f12186b031362222f78b1e0acd8c11e5e914824353e7092ca7d5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"4f2a3-5cef9f36b04ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flatpickr.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 49 KB
14 KB 208ms
189ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 01:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"c205-5d105d1dd8da7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 select2.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
18 KB 210ms
191ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 01:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"114c3-5d105d1dd4756"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 250ms
137ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31745238-1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa812cf93c26919828ff799b345e6955e91c68a3daa7f405dbcd5f7de80bada4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36211
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Dec 2021 21:22:46 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 216ms
50ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 47d11b41f78f9e37dcb3a72ee46bf1d485026a70062133b13c05ff38ec76a5ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 22:16:44 GMT
server: ECS (frb/67D4)
age: 72406
etag: "51fd799d13eed71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32302

GET
H/1.1 200
OK privacy-banner.js Show response
hp.com/cma/ng/lib/exceptions/ 36 KB
19 KB 980ms
220ms Script
text/javascript 15.73.192.108
CPQ-ALF-IOMC

General

Check archive.org

Show headers Download Go to

Full URL

https://hp.com/cma/ng/lib/exceptions/privacy-banner.js

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

15.73.192.108 , United States, ASN11680 (CPQ-ALF-IOMC, US),

Reverse DNS

compaq.my

Software

Apache /

Resource Hash

d13387653d66a2b69f03b18aa15c681d81b9b2fc25bf66bf0525802ba706da05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:22:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
ETag: "5d2ccc633d400"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=7200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 18798
Expires: Wed, 15 Dec 2021 23:22:47 GMT

GET
H2 200 blogImage__b6.jpg
threatresearch.ext.hp.com/wp-content/uploads/2021/05/ 2 MB
2 MB 210ms
193ms Image
image/jpeg 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/05/blogImage__b6.jpg

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

c85d4f64101e48851e2a89069e50aefd6aeb901c535c7aa39986903d4baf1353

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 2050865
x-xss-protection: 1; mode=block
last-modified: Wed, 12 May 2021 11:13:55 GMT
server: nginx
etag: "1f4b31-5c2201b3ceea5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-httpd: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 ta551_001_v2.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 103 KB
104 KB 773ms
756ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_001_v2.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

c7784ca8f7f2210f1e951a9e3a3433278af55374c5fdbb4f33d730c1229b0888

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 105583
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 15:08:24 GMT
server: nginx
etag: "19c6f-5c858974d043e"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ta551_002-768x239.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 98 KB
98 KB 1011ms
994ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_002-768x239.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

4b74b7b6a66111151aeb7bedd0efa51fb7583e823f4e688ed5fa55ce19ed0de6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: MISS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 100096
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 13:39:08 GMT
server: nginx
etag: "18700-5c857580704f6"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: EXPIRED
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ta551_003.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 101 KB
101 KB 1014ms
997ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_003.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

59c8443986ab4a9ccddb2b552c26376cfa8e83891aeaf2f18fb841b648eb1841

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: MISS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 103344
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 13:39:09 GMT
server: nginx
etag: "193b0-5c8575823671c"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: EXPIRED
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ta551_004.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 12 KB
13 KB 1009ms
993ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_004.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

9f63a857b5ebb64b3da797bf94dfc4a55cf5093abf3827f2a3363a5607711996

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: MISS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 12504
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 13:39:13 GMT
server: nginx
etag: "30d8-5c8575857d9db"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: EXPIRED
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ta551_005.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 422 KB
423 KB 1011ms
995ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_005.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

ceed2b896bd2336f7492c8568f1d28ec27043c57e0fde01f383f242658d0496c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: MISS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 431948
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 13:39:15 GMT
server: nginx
etag: "6974c-5c857587a9137"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: EXPIRED
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ta551_006.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 24 KB
24 KB 1013ms
997ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_006.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

1cbdf0ae9abb3ca541bac1e7b45aff35c712eaed7f066a55ed8b2f3934cc0ba3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: MISS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 24441
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 13:39:19 GMT
server: nginx
etag: "5f79-5c85758baf2de"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: EXPIRED
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ta551_007.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 24 KB
24 KB 1017ms
1000ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_007.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

7915441a8142774ad40d9d34446b14e61bd474e475e71569a4e9aa0249e6f052

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: MISS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 24070
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 13:39:21 GMT
server: nginx
etag: "5e06-5c85758d0b1ad"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: EXPIRED
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ta551_008.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 37 KB
38 KB 1016ms
1000ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_008.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

43f76ddeb74fd27404931626f538479f9e8712998f771e163da794109c54eb5b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: MISS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 38267
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 13:39:23 GMT
server: nginx
etag: "957b-5c85758f48a1e"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: EXPIRED
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ta551_009.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 69 KB
69 KB 1015ms
999ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_009.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

6e5e428db22023b1be6d12085c442e65337af4d50a755103d221377931f6b3fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: MISS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 70477
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 13:39:26 GMT
server: nginx
etag: "1134d-5c8575919878c"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: EXPIRED
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ta551_010.png
threatresearch.ext.hp.com/wp-content/uploads/2021/07/ 29 KB
30 KB 1014ms
998ms Image
image/png 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/07/ta551_010.png

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

41807a5e23946d0b786f2c78b61eacc9372e977e3db74e5d377b93298d5a85bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: MISS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 29996
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 13:39:28 GMT
server: nginx
etag: "752c-5c857593ff431"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: EXPIRED
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 profile_img-150x150.jpg
threatresearch.ext.hp.com/wp-content/uploads/2021/01/ 8 KB
8 KB 1009ms
993ms Image
image/jpeg 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/01/profile_img-150x150.jpg

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

6eb52a97833a253a404e06ef580bfc474b9883681a2e7abf223b1a9434201bae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 8242
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Jan 2021 12:52:40 GMT
server: nginx
etag: "2032-5b940505ef0ed"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-httpd: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 blogImage__b2.jpg
threatresearch.ext.hp.com/wp-content/uploads/2021/05/ 2 MB
2 MB 374ms
358ms Image
image/jpeg 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/05/blogImage__b2.jpg

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

d68605f97c0c27101ea06a1276a2e55c2bf65f0e07e8e0c11be145addde1344b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 2112187
x-xss-protection: 1; mode=block
last-modified: Wed, 12 May 2021 11:13:47 GMT
server: nginx
etag: "203abb-5c2201ac87831"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-httpd: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 blogImage__b9.jpg
threatresearch.ext.hp.com/wp-content/uploads/2021/05/ 2 MB
2 MB 374ms
359ms Image
image/jpeg 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/05/blogImage__b9.jpg

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

9a19f69eb87e131998e91350c4eb6f55a44de97614261b1af11694576949ac39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
x-content-type-options: nosniff
x-proxy-cache-info: 0 NC:000000 UP:
x-sucuri-cache: HIT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 2098561
x-xss-protection: 1; mode=block
last-modified: Wed, 12 May 2021 11:13:43 GMT
server: nginx
etag: "200581-5c2201a89aceb"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 blogImage_refresh_001.jpg
threatresearch.ext.hp.com/wp-content/uploads/2021/10/ 110 KB
110 KB 374ms
359ms Image
image/jpeg 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/10/blogImage_refresh_001.jpg

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

100c3577372983a9ae444d3a1fcecec6525dae128e75a396bf38bd23eb972c5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 112333
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Oct 2021 10:38:17 GMT
server: nginx
etag: "1b6cd-5cf674f0171cb"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-httpd: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 profile_img.jpg
threatresearch.ext.hp.com/wp-content/uploads/2021/01/ 15 KB
15 KB 1016ms
1001ms Image
image/jpeg 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatresearch.ext.hp.com/wp-content/uploads/2021/01/profile_img.jpg

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

08de3edfa1e71b1c4ddc7fde8cbdad1e98a05222d7fdf1f9321313d821d20cfa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 15350
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Jan 2021 12:52:40 GMT
server: nginx
etag: "3bf6-5b940505b56fe"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-httpd: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 style.min.css
threatresearch.ext.hp.com/wp-includes/css/dist/block-library/ 79 KB
10 KB 51ms
51ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 03:00:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"13abe-5ca81b05b99f9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rs6.css
threatresearch.ext.hp.com/wp-content/plugins/revslider/public/assets/css/ 56 KB
12 KB 51ms
51ms Stylesheet
text/css 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.7

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

c30c5b740610275fd73ab469fea10cc11844d60befb266be86845c738b2ecec4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:39:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"e152-5ccb2fb5d77c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiped-events.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/ditty-news-ticker/inc/static/js/ 2 KB
1 KB 374ms
359ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/ditty-news-ticker/inc/static/js/swiped-events.min.js?ver=1.1.4

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

db0fe819895d07af230d0f21f183ae4c9ecdec27664f004c6ac8844deaf55adc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:18:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6e8-5ccb2b08b5fe9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagesloaded.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/ 5 KB
2 KB 375ms
360ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Aug 2020 23:51:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"15fd-5ad43b00c07ef"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 effect.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/jquery/ui/ 17 KB
6 KB 375ms
360ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.12.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

74cc6a206326b8229276585c91ff2029af2061b89ffbadb4e5873353cf6e93ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 03:00:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"4210-5ca81b05bf3d2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ditty-news-ticker.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/ditty-news-ticker/inc/static/js/ 14 KB
3 KB 375ms
360ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/ditty-news-ticker/inc/static/js/ditty-news-ticker.min.js?ver=1632442721

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

2627a4b390439046af11a57125360d12a8d41911a60147c25722f2696f45d4c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:18:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3715-5ccb2b08b63d1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/js/ 9 KB
2 KB 375ms
361ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.3

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

3684b8902fe2f3f96b32be42dca7f2621827f8c8b92fde984b5b1787dd06a17b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 01:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"236e-5d105d1dd7e07"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.min.js Show response
threatresearch.ext.hp.com/wp-content/plugins/social-warfare/assets/js/ 21 KB
6 KB 375ms
361ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.3.0

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

824881cb24a4442381024afdf51da2932d717bb59cb549edc4cad3e00394bdce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 01:59:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"550b-5ca80d536cbc9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment-reply.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/ 3 KB
2 KB 375ms
361ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/comment-reply.min.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"ba8-5c127f5ab3924"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 new-tab.js Show response
threatresearch.ext.hp.com/wp-content/plugins/page-links-to/dist/ 24 KB
9 KB 375ms
361ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 02:02:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"609e-5c126ff783b96"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/ 1 KB
1 KB 376ms
361ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/wp-embed.min.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"592-5c127f5ab5095"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cssua.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
2 KB 376ms
362ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

daf181ab9ead5372eefb6fe5d87704d7abdbfa6c09e4c79a2a2f688c6fac5ada

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d10-5cefa0cee639a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-animations.js Show response
threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 376ms
362ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

6f87c5c6c8e9b349b7fb0517ef8246042cc2a2d64406f9e4a9be1a6b776d7435

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"66b-5cefa17d4eb66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-vertical-menu-widget.js Show response
threatresearch.ext.hp.com/wp-content/plugins/fusion-core/js/min/ 1 KB
866 B 376ms
362ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

d9f03d2078c5342b17d3263a43bfd0a7821403c59e4900e5cc05eff04631960d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:19:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5c7-5cefa139e55cf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 13 KB
5 KB 376ms
362ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

45489ffcf01ef61169bda340908095cfc2c0ddcfa78a6cad71a2d1b636feccdf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"32bf-5cefa0cee5fb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 4 KB
2 KB 376ms
363ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.4.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

c13d9e4af00e319f622cc306225f1286dff17721033f52d7cf91c51e18d0f6eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"11b6-5cefa0cee57e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.transition.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 741 B
757 B 377ms
363ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

bd6def1ae1509946499390f95acaa1fd39a76452c8312f165d2bc0b791c9e0ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2e5-5cefa0cee5fb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.tooltip.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 11 KB
4 KB 377ms
363ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

23263a19c0dc4b29036a56f858a2b6f915ea0e415ed7c46071a071f170626c88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2a6e-5cefa0cee5fb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.modal.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 4 KB
2 KB 377ms
364ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.modal.js?ver=3.1.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

9a2d11b76feb7a9e531a9d055fae88e495017645e5c823a010c818a7744b2c45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"f86-5cefa0cee5fb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.requestAnimationFrame.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 695 B
729 B 377ms
364ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

980aba21181e373e49d5e2602223454f0bb78ccb263eabcfb850abb14ad8c904

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2b7-5cefa0cee5bca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.easing.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 377ms
364ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

c8c066c331d08eaf858338789a0499c5ad85cfc6325d7685ea8a9463750d8684

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"8eb-5cefa0cee639a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fitvids.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 377ms
364ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6e7-5cefa0cee5bca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.flexslider.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 22 KB
6 KB 378ms
365ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

f2d424362aca158ad49da19b48c212e687fbed93ece9fed06fcf8871f5f64c5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"57ca-5cefa0cee639a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.ilightbox.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 80 KB
24 KB 378ms
365ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

a83f97dd7536fbcc1bafa5c1be111c22e399d9b42edd945d7b4af211b13c514d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"14190-5cefa0cee5fb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mousewheel.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
1 KB 378ms
365ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

cce83fa2c5096e414c0e32c9fc07ba011e2f4d67a51f9c4155651122329ec0dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"a41-5cefa0cee639a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.placeholder.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 378ms
365ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.placeholder.js?ver=2.0.7

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

fa34de993dea91eb0120c3745378192fa1177ba8ec5772e08632318d1d5e1267

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"880-5cefa0cee5fb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fade.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 1 KB
831 B 378ms
366ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

836e98f92408ccb7250927acef9b494fbacc18678ef18888f835101557bddd37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"48a-5cefa0cee639a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-equal-heights.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 1 KB
962 B 378ms
366ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

d3d1fc3b726f87e9440670838b6d33dc22ee1c854274724b27de90be75d1069c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"55b-5cefa0cee53fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-parallax.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 12 KB
3 KB 378ms
366ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-parallax.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

a1e265af7b140bf70ba7a061b8ddee61e32ced0c50d985f0b05cdfe061112cb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2ef3-5cefa0cee5bca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-video-general.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
1 KB 379ms
367ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

ea2dd31704608166bfd31e6c1b54027061ea568cd9aa1163656843a5907ac45d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d31-5cefa0cee5bca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-video-bg.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 4 KB
2 KB 379ms
367ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-bg.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

46af13bd348d946968c6bd1c844dccbca02856ecdcaa8dcb35969e99d1399562

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1192-5cefa0cee5fb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-lightbox.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 7 KB
2 KB 379ms
367ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

b662bc3fe280e89adbb250cc5237e6a6012f9bb6aca4ed6052a459e6837a7aba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1c86-5cefa0cee57e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-tooltip.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 849 B
712 B 379ms
368ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

4ea735c25bb36d6130e169c43dd545f9ab091b791672b1538046ebedef3308f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"351-5cefa0cee57e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-sharing-box.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 945 B
725 B 380ms
368ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

45a6eea93903fe37410887ca5eb4605572ecfaf1968387365ec9ed9331a36487

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3b1-5cefa0cee57e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.sticky-kit.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 6 KB
2 KB 380ms
368ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

87a5d2695ca566cd18fcecad1d456ea816f37a1d0be39d02fd3207fc6d814078

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1706-5cefa0cee5fb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-youtube.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 4 KB
2 KB 380ms
369ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-youtube.js?ver=2.2.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

828ef7357ef25a04a505c7f21b1418620b4c13faec1ac0d562e2127400c751fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"10c3-5cefa0cee639a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vimeoPlayer.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 16 KB
6 KB 380ms
369ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

501c8b7edd85aa5b93a52254d40cf04d754018292b113caf7f76441701d30a0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"40bd-5cefa0cee5fb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-general-footer.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 413 B
596 B 380ms
369ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

61e7bb6d0210c308eb1f6153f18b4063eb715fde885b7d20b4d209d3fcb5a217

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"19d-5cefa0cec6f91"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-quantity.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 2 KB
1 KB 381ms
370ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

fb973b78d9c01f9cd135fa7a5b10e8e163739cc709902f20b4524f3262675ba5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"739-5cefa0cec7379"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-crossfade-images.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 418 B
597 B 381ms
370ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-crossfade-images.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

80e9a74251b9a8f1f7e72a0ea7cbd8905e4777b931e92b09f545087161fa0b37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1a2-5cefa0cec7379"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-select.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 886 B
724 B 381ms
370ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

bf3722b93fa395dc556c14f331f86a9d5e31fa813e46f0cfcb8afd19fae33034

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"376-5cefa0cec6f91"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-tabs-widget.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 503 B
638 B 381ms
370ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

6afaae08a9346fc9ca891d0d80f8483905c1421bca9f918506150566d3912e9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1f7-5cefa0cec7761"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-rev-styles.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 3 KB
945 B 381ms
371ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

68bec0121363230f259b5abcfe8287100777c0e3b3d7bfb619d18273a6aa4728

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"ad6-5cefa0cec7379"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.elasticslider.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/library/ 4 KB
2 KB 381ms
371ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/library/jquery.elasticslider.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

11f4df8462b2edc6add3928ab5f30dcab77f69c29c0e175b1888f4cb6275823c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"11c1-5cefa0cec7761"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-live-search.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 3 KB
1 KB 382ms
371ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

c9bf057820b3b0223c468e08beb0d41a12b451e224308149bc05f0d4a607fcab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"bfd-5cefa0cec7379"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-comments.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 1 KB
852 B 382ms
372ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-comments.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

533e8584fd371930ebddd9c847766750939d7f11e3bed6c1ce6b5bc126ba5eca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"502-5cefa0cec7761"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-alert.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 260 B
588 B 382ms
372ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

eb6481e44617b3e40d345b2df5e20965503b4ab87c9346a43894f93a601ccde7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"104-5cefa0cee53fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-flexslider.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 6 KB
2 KB 382ms
372ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

cb56816d72e7289b2aab8ba19bd1bdb4708cbbc7e70d7f38f9138a4dd10215a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"195e-5cefa0cee57e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-column-legacy.js Show response
threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
807 B 382ms
372ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-legacy.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

bc7b145a0eb35703d5ce10b9204920b9d09e4454bc2288addc9ed5142862f9cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"619-5cefa17d4ef4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.textillate.js Show response
threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/library/ 6 KB
2 KB 382ms
372ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.textillate.js?ver=2.0

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

e8b416c2f2a14bb138209a5ce434802a742d3de53ce668445485e5423efa1fb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1717-5cefa17d4f71e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-title.js Show response
threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 3 KB
2 KB 382ms
372ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

8edb9219b445a1c8563996fcce85a134a0792d984f355208c59ea2b9937d8842

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"db1-5cefa17d4ef4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-modal.js Show response
threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 382ms
373ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-modal.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

38d473ccf1d052f10f6d310cb2250d360f2f94a338096c6d35dd6a89a52e9f1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"9c7-5cefa17d4eb66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-container.js Show response
threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 15 KB
3 KB 382ms
373ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-container.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

affb9932bff9e7dbe3083ea34d06d7f6e68c86ef53b0758d23ba9d10c16174b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3d39-5cefa17d4eb66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-elastic-slider.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 565 B
631 B 382ms
373ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-elastic-slider.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

3647d841b21197b1efa74e92c861a3bf4cebef0f9a33f5a4c0ea276d74c768b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"235-5cefa0cec7379"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-drop-down.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 6 KB
1 KB 382ms
373ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

579683e317a76a9a6758e42680b394e80957cbdd2863c25abac9a875852abfc7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"17b6-5cefa0cec6f91"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-to-top.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 1017 B
835 B 382ms
373ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

2b2c2f9810fbe4d8643c2f6b9359daa7dd67b78cffa63e6746202c76d068547e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3f9-5cefa0cec6f91"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-header.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 31 KB
4 KB 382ms
373ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-header.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

80669a9bb1655e529ea0f150945f879706df8fc3957bc1c02d07cdbb6862f60b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"7d2b-5cefa0cec7379"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-menu.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 39 KB
7 KB 382ms
374ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-menu.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

09a2d5f4065c547c82893c26713886f89ae6ca574e7628a0568007cebe5fa62f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"9a58-5cefa0cec7379"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.scrollspy.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/library/ 3 KB
1 KB 382ms
374ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

5c569522330e4e6b040229701ae98650839c5baa9912e15f821ffef8341187f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"a9a-5cefa0cec7761"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avada-scrollspy.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/ 729 B
711 B 382ms
374ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.5

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

b3189d819e9c55418f99bf36614b7f942e7f8205d410f16a7038b90d4e9b0ae6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2d9-5cefa0cec6f91"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-responsive-typography.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 3 KB
1 KB 382ms
374ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

4cb4122592bfa905b2f19c491d0beb0f47a6e609694998e2f002e5e5d403b521

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"dd8-5cefa0cee57e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-scroll-to-anchor.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 5 KB
2 KB 382ms
374ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

4fa7ec697bf8621323b54ea9564039c9522a9d18e14c7e760df8c6bf03a961a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1548-5cefa0cee53fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-general-global.js Show response
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 496 B
633 B 382ms
374ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

709432d669fa084fba23a097defbdecc8097a07717c30ac6f915314bf2a05933

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1f0-5cefa0cee53fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-video.js Show response
threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 382ms
374ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

9a0a34bc67f5d3623591214473ac2d449be18a8ce1cb5e531b185ef22a09b31f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"815-5cefa17d4ef4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fusion-column.js Show response
threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 666 B
674 B 383ms
375ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

2dfc6869335d78decb5a3d0fe0220dd780f6d14312a294341c8e42db6d0d21b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:20:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"29a-5cefa17d4ef4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 383ms
375ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5133-5c127f5aa8d41"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datepicker.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/jquery/ui/ 35 KB
11 KB 383ms
375ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 03:00:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"8d34-5ca81b05bf3d2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mouse.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/jquery/ui/ 3 KB
1 KB 383ms
375ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

93ffe8a780b4034c7b14ac0d57d752368b53eafc734d906c8cdf3d3642a9eb36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d34-5c127f5aa8189"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slider.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/jquery/ui/ 10 KB
3 KB 383ms
375ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.12.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

97c8f279229e1db1fc340de3c4fbf154ee841b0d7015ed146f4bc9ea100906bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 03:00:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"29d8-5ca81b05bf3d2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.ui.touch-punch.js Show response
threatresearch.ext.hp.com/wp-includes/js/jquery/ 1 KB
946 B 383ms
375ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

196bed4faf0fe38b89a496b1f41319b2a8077263f85819f8ad42933e0a2e2e52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Dec 2018 17:45:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"49b-57d3b595776c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/mediaelement/ 154 KB
35 KB 383ms
376ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"267aa-5c127f5aab83a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/mediaelement/ 1 KB
917 B 383ms
376ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"4a9-5c127f5aab83a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/mediaelement/ 906 B
829 B 383ms
376ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"38a-5c127f5aab452"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 underscore.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/ 19 KB
7 KB 383ms
376ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 03:00:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"4a84-5ca81b05be432"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-util.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/ 1 KB
1 KB 383ms
376ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/wp-util.min.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 03:00:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"53c-5ca81b05c16fb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 backbone.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/ 23 KB
8 KB 383ms
376ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/backbone.min.js?ver=1.4.0

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

bfa9441fac08fbebcfc65e202a788744aab8e4b1f634eaaf800256dce5012813

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2021 03:10:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5d0a-5c127f5aa9129"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-playlist.min.js Show response
threatresearch.ext.hp.com/wp-includes/js/mediaelement/ 3 KB
1 KB 383ms
377ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-includes/js/mediaelement/wp-playlist.min.js?ver=5.8.2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

da360ca7e83587e1bd7c15be023c50be227e22ac5322d0b405585ddd4d542952

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Dec 2019 03:59:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d67-599de5bea5467"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 views-frontend.js Show response
threatresearch.ext.hp.com/wp-content/plugins/wp-views/public/js/ 76 KB
13 KB 383ms
377ms Script
application/javascript 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/plugins/wp-views/public/js/views-frontend.js?ver=3.6.1

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

14d05a8eaa240594562514e267d5dc4578cbb84a27b020345334c2a335fa2242

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 00:15:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1316a-5ccb2a502382c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 786ms
106ms Script
application/x-javascript 104.121.173.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.173.167 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-173-167.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:22:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 awb-icons.woff
threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 19 KB
19 KB 380ms
377ms Font
font/woff 192.124.249.59
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://threatresearch.ext.hp.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.59 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10059.sucuri.net

Software

nginx /

Resource Hash

5efd842e976610278c76b11ffcfecc869e13763685cbda1febb8437e49f868c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatresearch.ext.hp.com/detecting-ta551-domains/
Origin: https://threatresearch.ext.hp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 19096
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 00:17:17 GMT
server: nginx
etag: "4a98-5cefa0cee4842"
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
x-httpd: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 160ms
48ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatresearch.ext.hp.com/
Origin: https://threatresearch.ext.hp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 14:56:27 GMT
x-content-type-options: nosniff
age: 23179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 14:56:27 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v20/ 26 KB
26 KB 176ms
63ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v20/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1c72e44c5aa91d24fc6ef2966a7d68363dd342bc325989e9f4dfaae39f54f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatresearch.ext.hp.com/
Origin: https://threatresearch.ext.hp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:36:29 GMT
x-content-type-options: nosniff
age: 459977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26696
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:20:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:36:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 64ms
63ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31745238-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197588716-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

368d51a97790b090cb0597daa63b23f2a867d7c2cf8f14a33bc899263b5237aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36216
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Dec 2021 21:22:47 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
328 B 49ms
49ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=58b70cc47e9849cacf7bbdd37626399f&_biz_s=a86f0&_biz_l=https%3A%2F%2Fthreatresearch.ext.hp.com%2Fdetecting-ta551-domains%2F&_biz_t=1639603366989&_biz_i=Detecting%20TA551%20domains%20%7C%20HP%20Wolf%20Security&_biz_n=0&rnd=894055&cdn_o=a&_biz_z=1639603366990
Requested by: Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6739) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:22:47 GMT
last-modified: Thu, 09 Dec 2021 01:06:59 GMT
server: ECS (frb/6739)
age: 591348
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 55ms
54ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=58b70cc47e9849cacf7bbdd37626399f&_biz_s=a86f0&_biz_l=https%3A%2F%2Fthreatresearch.ext.hp.com%2Fdetecting-ta551-domains%2F&_biz_t=1639603366992&_biz_i=Detecting%20TA551%20domains%20%7C%20HP%20Wolf%20Security&rnd=54329&cdn_o=a&_biz_z=1639603366992
Requested by: Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:22:47 GMT
last-modified: Thu, 09 Dec 2021 23:57:22 GMT
server: ECS (frb/67C2)
age: 509125
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 236ms
106ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31745238-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1301
date: Wed, 15 Dec 2021 21:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 23:01:06 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 84 B
388 B 214ms
213ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=58b70cc47e9849cacf7bbdd37626399f&_biz_h=-1906410348&cdn_o=a&jsVer=4.21.11.30
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:46 GMT
cache-control: private, must-revalidate, max-age=21600
server: ECS (frb/6711)
content-type: text/javascript; charset=utf-8
etag: EFEDFBC3
content-length: 84
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 clientlib-hf-fontface.2aff14648e5d3d664458b822534e3551.css
www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlibs-fonts/us/en/ 2 KB
675 B 135ms
134ms Stylesheet
text/css 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlibs-fonts/us/en/clientlib-hf-fontface.2aff14648e5d3d664458b822534e3551.css

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/us/en/scripts/framework/jquery/v-1-8/jquery.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

245fbb6026df1dc8b342dae21ed2feff0ba0a23a6343ff378d7b99215d47e19f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher2westus2
date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 354
last-modified: Mon, 13 Dec 2021 20:49:12 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "9b3-5d30d347a0200-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=433263
accept-ranges: bytes
expires: Mon, 20 Dec 2021 21:43:50 GMT

GET
H2 200 clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css
www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/ 125 KB
13 KB 144ms
143ms Stylesheet
text/css 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/us/en/scripts/framework/jquery/v-1-8/jquery.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

42c56e1b734c9a5ff17dbdd645670d8f3aa0f94ee5ab0209c87562a8f4a357bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher2eastus2
date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 13070
last-modified: Mon, 13 Dec 2021 20:49:13 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "1f4f8-5d30d34894440-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=433242
accept-ranges: bytes
expires: Mon, 20 Dec 2021 21:43:29 GMT

GET
H2 200 clientlib-hf-js.fe627df23691ae799489d82b8095a5f7.js Show response
www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/ 227 KB
58 KB 249ms
249ms Script
application/javascript 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hf-js.fe627df23691ae799489d82b8095a5f7.js

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/us/en/scripts/framework/jquery/v-1-8/jquery.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

66de583396c82e9e1956721424d9f1a422870faba9d46986b5f45bef4b36b276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher2westus2
date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 59231
last-modified: Mon, 13 Dec 2021 20:49:12 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "38d1d-5d30d347a0200-gzip"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=433249
accept-ranges: bytes
expires: Mon, 20 Dec 2021 21:43:36 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 401 KB
93 KB 112ms
112ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDHM2PK

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2443427f167766f8f510501f9ad97ecbe950a773f82b69623fac883cf69b7000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95075
x-xss-protection: 0
expires: Wed, 15 Dec 2021 21:22:47 GMT

GET
H2 200 igu7ksp.css
use.typekit.net/ 3 KB
910 B 444ms
53ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c25c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/igu7ksp.css

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlibs-fonts/us/en/clientlib-hf-fontface.2aff14648e5d3d664458b822534e3551.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ef::5c7b:c25c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ac61caa96282b030749550bf4f33e240812d42ebaa3172f3b3fc565520349e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www8.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 15 Dec 2021 21:22:47 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 678

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 201ms
110ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=660201548&t=pageview&_s=1&dl=https%3A%2F%2Fthreatresearch.ext.hp.com%2Fdetecting-ta551-domains%2F&ul=en-us&de=UTF-8&dt=Detecting%20TA551%20domains%20%7C%20HP%20Wolf%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2085491374&gjid=1540745985&cid=7518477.1639603367&tid=UA-31745238-1&_gid=46436343.1639603367&_r=1&gtm=2ouc10&z=956723028

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatresearch.ext.hp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://threatresearch.ext.hp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 197ms
110ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=660201548&t=pageview&_s=1&dl=https%3A%2F%2Fthreatresearch.ext.hp.com%2Fdetecting-ta551-domains%2F&ul=en-us&de=UTF-8&dt=Detecting%20TA551%20domains%20%7C%20HP%20Wolf%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=154822529&gjid=2073027063&cid=7518477.1639603367&tid=UA-197588716-1&_gid=46436343.1639603367&_r=1&gtm=2ouc10&did=dZGIzZG&gdid=dZGIzZG&z=65741298

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatresearch.ext.hp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:22:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://threatresearch.ext.hp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 189ms
103ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=660201548&t=pageview&_s=2&dl=https%3A%2F%2Fthreatresearch.ext.hp.com%2Fdetecting-ta551-domains%2F&ul=en-us&de=UTF-8&dt=Detecting%20TA551%20domains%20%7C%20HP%20Wolf%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=7518477.1639603367&tid=UA-31745238-1&_gid=46436343.1639603367&gtm=2ouc10&did=dZGIzZG&gdid=dZGIzZG&z=755294211

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 01:56:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69981
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 118ms
118ms Script
application/x-javascript 104.121.173.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.173.167 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-173-167.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:22:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Fri, 25 Mar 2022 21:22:47 GMT

GET
H2 200 privacy-banner.js Show response
www.hp.com/cma/ng/lib/exceptions/ 36 KB
19 KB 113ms
112ms Script
text/javascript 2a02:26f0:fb::5f64:9952
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hp.com/cma/ng/lib/exceptions/privacy-banner.js

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hf-js.fe627df23691ae799489d82b8095a5f7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9952 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

d13387653d66a2b69f03b18aa15c681d81b9b2fc25bf66bf0525802ba706da05

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
akamai-grn: , , , , 0.4e99645f.1639603367.1d1d83ef
etag: "5d2ccc633d400"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=7200
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 18798
expires: Wed, 15 Dec 2021 23:22:47 GMT

GET
H2 200 united_states.gif
www8.hp.com/content/dam/hpit-aem-globalnav/flags/ 296 B
488 B 107ms
107ms Image
image/webp 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.hp.com/content/dam/hpit-aem-globalnav/flags/united_states.gif
Requested by: Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-152-52.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 848f5ae901a6db38f9cdb30ad9d2908962b6bad10c6ca2239cc9e5c73040fb2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
last-modified: Tue, 06 Oct 2020 21:30:45 GMT
server: Akamai Image Manager
etag: "253-5ad18c2b4c340"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 296
expires: Thu, 16 Dec 2021 09:22:47 GMT

GET
H2 200 worldmap_old.jpg
www8.hp.com/content/dam/hpit-aem-globalnav/ 19 KB
19 KB 109ms
108ms Image
image/jpeg 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.hp.com/content/dam/hpit-aem-globalnav/worldmap_old.jpg
Requested by: Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-152-52.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 35aaba0db8356ff16ea47d9ed2e8bb77b9cd3e72c83082c50c9a807cbbd3f003

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
x-check-cacheable: YES
x-serial: 1646
etag: "4a8a-5b1239eb22500"
content-type: image/jpeg
cache-control: private, no-transform, max-age=43200
last-modified: Fri, 09 Oct 2020 03:23:42 GMT
content-length: 19082
server: Akamai Image Manager
expires: Thu, 16 Dec 2021 09:22:47 GMT

GET
H2 200 footericons.woff
www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/ 8 KB
4 KB 245ms
73ms Font
application/x-font-woff 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/footericons.woff

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

140b71e7ee1bc50ac88eacc4d1baf755e3799a112cfc8e1dae02ae0f14f26ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css
Origin: https://threatresearch.ext.hp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher1eastus2
date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 3860
last-modified: Mon, 17 Aug 2020 19:53:28 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "2088-5ad181fce7e00-gzip"
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Dec 2021 21:22:47 GMT

GET
H2 200 newhplogo.ttf
www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/ 1 KB
1 KB 252ms
81ms Font
application/x-font-ttf 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/newhplogo.ttf

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

d075070aee6fff82f826766497e5141a38f5ae89ec2d91600c7ba9da58191e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css
Origin: https://threatresearch.ext.hp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher1eastus2
date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 737
last-modified: Thu, 01 Oct 2020 18:02:05 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "4c0-5b09fd053e140-gzip"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Dec 2021 21:22:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
446 B 184ms
57ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31745238-1&cid=7518477.1639603367&jid=2085491374&gjid=1540745985&_gid=46436343.1639603367&_u=YEBAAUAAAAAAAC~&z=1193673665

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatresearch.ext.hp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 15 Dec 2021 21:22:47 GMT
content-type: text/plain
access-control-allow-origin: https://threatresearch.ext.hp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
497-itq-712.mktoresp.com/webevents/ 2 B
311 B 715ms
136ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://497-itq-712.mktoresp.com/webevents/visitWebPage?_mchNc=1639603367663&_mchCn=&_mchId=497-ITQ-712&_mchTk=_mch-hp.com-1639603367663-78558&_mchHo=threatresearch.ext.hp.com&_mchPo=&_mchRu=%2Fdetecting-ta551-domains%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://threatresearch.ext.hp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 15 Dec 2021 21:22:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 20fa5cbf-2642-4727-81a0-b73065fc8948

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 179ms
72ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.hp.com
URL: https://www.hp.com/cma/ng/lib/exceptions/privacy-banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BXRr8anumVFsMvgN5QlueA==
age: 602
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Mon, 13 Dec 2021 20:19:26 GMT
server: cloudflare
etag: 0x8D9BE75DC2F7AD9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 63169a6a-f01e-006a-1a66-f0844d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6be2bab93abb68fe-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 190ms
60ms Stylesheet
text/css 2a02:26f0:df:69f::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=igu7ksp&ht=tk&f=30360.30361.30364&a=50490805&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/igu7ksp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:69f::19fd Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:47 GMT
last-modified: Wed, 02 Sep 2020 00:59:10 GMT
server: nginx
etag: "5f4eee5e-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 latest_icons.woff
www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/ 1 KB
1 KB 59ms
58ms Font
application/x-font-woff 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/latest_icons.woff

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

7a156f2f864432042b65e6a619f067bca03c7eaf855a7dcce14166f2f77a3487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css
Origin: https://threatresearch.ext.hp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher1eastus2
date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 839
last-modified: Mon, 17 Aug 2020 19:53:28 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "5a4-5ad181fce7e00-gzip"
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=76076
accept-ranges: bytes
expires: Thu, 16 Dec 2021 18:30:43 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 182ms
72ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31745238-1&cid=7518477.1639603367&jid=2085491374&_u=YEBAAUAAAAAAAC~&z=243732773

Requested by

Host: threatresearch.ext.hp.com
URL: https://threatresearch.ext.hp.com/detecting-ta551-domains/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:22:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 exparrow.ttf
www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/ 1 KB
919 B 124ms
123ms Font
application/x-font-ttf 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/exparrow.ttf

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

d94db9ce60ff8e6a0e1dcdab83ff6d1f60dd5c28b50d8f027f5fe268f87fa5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css
Origin: https://threatresearch.ext.hp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher1eastus2
date: Wed, 15 Dec 2021 21:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 585
last-modified: Mon, 17 Aug 2020 19:53:28 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "420-5ad181fce7e00-gzip"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: public, max-age=76425
accept-ranges: bytes
expires: Thu, 16 Dec 2021 18:36:32 GMT

GET
H2 200 d8197f25-dce3-4110-addb-f3ffbe70bcbd.json Show response
cdn.cookielaw.org/consent/d8197f25-dce3-4110-addb-f3ffbe70bcbd/ 7 KB
3 KB 276ms
174ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d8197f25-dce3-4110-addb-f3ffbe70bcbd/d8197f25-dce3-4110-addb-f3ffbe70bcbd.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a1e8cc557d9a9e8d65b4ab06d50e0583e51b265b08d70401071f1f9101d6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 21:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: IASyAu3fVy5ZNxibtkqTpw==
vary: Accept-Encoding
content-length: 2390
x-ms-lease-status: unlocked
last-modified: Wed, 24 Nov 2021 15:51:07 GMT
server: cloudflare
etag: 0x8D9AF623A92320D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bed2f293-301e-00bb-1967-e13912000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6be2baba6a5c1f41-FRA
expires: Thu, 16 Dec 2021 01:22:48 GMT

GET
H2 200 HPSimplifiedRegular.woff
www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlibs-fonts/clientlib-hf-fontface-core/resources/fonts/ 44 KB
43 KB 82ms
81ms Font
application/x-font-woff 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlibs-fonts/clientlib-hf-fontface-core/resources/fonts/HPSimplifiedRegular.woff

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlibs-fonts/us/en/clientlib-hf-fontface.2aff14648e5d3d664458b822534e3551.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

24719977091e8bcc0071cf9d6515c874e8c2f1b96695367c1141aeba7710e1c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlibs-fonts/us/en/clientlib-hf-fontface.2aff14648e5d3d664458b822534e3551.css
Origin: https://threatresearch.ext.hp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher1eastus2
date: Wed, 15 Dec 2021 21:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 43688
last-modified: Mon, 17 Aug 2020 19:53:29 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "af90-5ad181fddc040-gzip"
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Dec 2021 21:22:48 GMT

GET
H2 200 close.ttf
www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/ 1 KB
923 B 144ms
144ms Font
application/x-font-ttf 104.121.152.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-css/resources/fonts/close.ttf

Requested by

Host: www8.hp.com
URL: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.121.152.52 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-121-152-52.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2 /

Resource Hash

7d2949d827d3f71a1a610d17034a34844cc3f2169cb8ce1c4b28665316bc0c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www8.hp.com/etc.clientlibs/HPIT-AEM-GLOBALNAV/clientlibs-globalnav/clientlib-hpi-hf-r-css.2aff14648e5d3d664458b822534e3551.css
Origin: https://threatresearch.ext.hp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dispatcher: dispatcher1eastus2
date: Wed, 15 Dec 2021 21:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: globalnav
content-length: 589
last-modified: Mon, 17 Aug 2020 19:53:28 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.3.2
x-frame-options: SAMEORIGIN
etag: "414-5ad181fce7e00-gzip"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Dec 2021 21:22:48 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 165 B
374 B 169ms
63ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:22:48 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6be2babc6cc44a6e-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.26.0/ 319 KB
76 KB 57ms
56ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.26.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

972688e6f6c24d2b23019a796b19f90515ba5f4ff744747c072b79fa44de3432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 21:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fFt4+LicLBj64XIOlrs8+w==
age: 4109857
vary: Accept-Encoding
content-length: 77724
x-ms-lease-status: unlocked
last-modified: Thu, 28 Oct 2021 19:49:54 GMT
server: cloudflare
etag: 0x8D99A4C1D48EF51
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 02585626-e01e-0135-7898-cc30e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6be2babccce068fe-FRA

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/d8197f25-dce3-4110-addb-f3ffbe70bcbd/659a58e5-03ba-43d7-8585-0e9f8ac51af7/ 194 KB
34 KB 170ms
170ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d8197f25-dce3-4110-addb-f3ffbe70bcbd/659a58e5-03ba-43d7-8585-0e9f8ac51af7/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.26.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51b9e496dabd91fd220e3ef93ad76af73679a99f9f1435d84b9afbca9fbc90d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 21:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: KwQk9qolshXoRHj5zjKcoQ==
vary: Accept-Encoding
content-length: 34684
x-ms-lease-status: unlocked
last-modified: Wed, 24 Nov 2021 15:55:12 GMT
server: cloudflare
etag: 0x8D9AF62CCAC74F5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c01926aa-a01e-00fa-2054-e11101000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6be2babdde6e1f41-FRA
expires: Thu, 16 Dec 2021 01:22:48 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.26.0/assets/ 9 KB
3 KB 165ms
165ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.26.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.26.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 21:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: Ies7VXL5Lz4YnYLz8UJcDQ==
vary: Accept-Encoding
content-length: 2584
x-ms-lease-status: unlocked
last-modified: Thu, 11 Nov 2021 03:45:33 GMT
server: cloudflare
etag: 0x8D9A4C5B7032DF2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 943c29a0-a01e-009c-3e67-e1a35b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6be2babf68591f41-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.26.0/assets/v2/ 47 KB
12 KB 171ms
170ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.26.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.26.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 21:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: Uofn8XbO/APXBwliqwOTIQ==
vary: Accept-Encoding
content-length: 11929
x-ms-lease-status: unlocked
last-modified: Thu, 11 Nov 2021 03:45:34 GMT
server: cloudflare
etag: 0x8D9A4C5B786F03D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f5110c72-901e-017e-2467-e1017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6be2babf68601f41-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.26.0/assets/ 20 KB
4 KB 159ms
158ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.26.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.26.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatresearch.ext.hp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 21:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: Ye6OeZcNyuFoWog7CYs00A==
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 11 Nov 2021 03:45:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 720a745c-601e-016b-7067-e1c3e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6be2babf68681f41-FRA

Verdicts & Comments Add Verdict or Comment

315 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
threatresearch.ext.hp.com/	1970-01-19 23:26:45	Name: ppwp_wp_session Value: 01cd2838af0b8d87e354283cae456b13%7C%7C1639605163%7C%7C1639604803
.hp.com/	1970-01-20 08:12:19	Name: _biz_uid Value: 58b70cc47e9849cacf7bbdd37626399f
.hp.com/	1970-01-19 23:26:45	Name: _biz_sid Value: a86f0
.hp.com/	1970-01-20 08:12:19	Name: _biz_nA Value: 1
.bizible.com/	1970-01-20 08:12:19	Name: _BUID Value: 58b70cc47e9849cacf7bbdd37626399f
.hp.com/	1970-01-20 08:12:19	Name: _biz_pendingA Value: %5B%5D
.bizibly.com/	1970-01-20 08:12:19	Name: _BUID Value: 1a425a3617bf12beb48c40fe156422d6
.hp.com/	1970-01-20 08:12:19	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.hp.com/	1970-01-20 16:57:55	Name: _ga Value: GA1.2.7518477.1639603367
.hp.com/	1970-01-19 23:28:09	Name: _gid Value: GA1.2.46436343.1639603367
.hp.com/	1970-01-19 23:26:43	Name: _gat_gtag_UA_31745238_1 Value: 1
.hp.com/	1970-01-19 23:26:43	Name: _gat_gtag_UA_197588716_1 Value: 1
.hp.com/	1970-01-20 16:57:55	Name: _mkto_trk Value: id:497-ITQ-712&token:_mch-hp.com-1639603367663-78558
.hp.com/	1969-12-31 23:59:59	Name: dcm_s Value: 1639603367682.845210020
threatresearch.ext.hp.com/	1969-12-31 23:59:59	Name: s_p_cnt Value: 1
threatresearch.ext.hp.com/	1969-12-31 23:59:59	Name: hp_pv1_prefs Value: null
.hp.com/	1970-01-20 08:12:19	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Dec+15+2021+21%3A22%3A49+GMT%2B0000+(GMT)&version=6.26.0&hosts=&consentId=13f8d18f-36c2-44d9-96c5-e91218c63a46&interactionCount=0&landingPath=https%3A%2F%2Fthreatresearch.ext.hp.com%2Fdetecting-ta551-domains%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.hp.com/	1970-01-20 08:12:19	Name: hpeuck_prefs Value: 1000
.hp.com/	1970-01-20 08:12:19	Name: hpeuck_answ Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

497-itq-712.mktoresp.com
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
hp.com
munchkin.marketo.net
p.typekit.net
stats.g.doubleclick.net
threatresearch.ext.hp.com
use.typekit.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hp.com
www8.hp.com
104.121.152.52
104.121.173.167
15.73.192.108
152.195.15.58
192.124.249.59
192.28.144.124
2606:4700:10::6814:b944
2606:4700::6810:9440
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c06::9c
2a02:26f0:df:69f::19fd
2a02:26f0:ef::5c7b:c25c
2a02:26f0:fb::5f64:9952
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
0812e7587fc57a2cbb310774282b56d25147f34a92215839f5685911ad5466aa
08de3edfa1e71b1c4ddc7fde8cbdad1e98a05222d7fdf1f9321313d821d20cfa
09a2d5f4065c547c82893c26713886f89ae6ca574e7628a0568007cebe5fa62f
0a3364d1f00ceab070910d588e47e47a584e60e0dc2b235270195f8bbf5a36d1
0c54a2b60a83d5b02034550c173617b744d53f0ba29d5747425f80f359d107c7
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
100c3577372983a9ae444d3a1fcecec6525dae128e75a396bf38bd23eb972c5c
11f4df8462b2edc6add3928ab5f30dcab77f69c29c0e175b1888f4cb6275823c
140b71e7ee1bc50ac88eacc4d1baf755e3799a112cfc8e1dae02ae0f14f26ead
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14d05a8eaa240594562514e267d5dc4578cbb84a27b020345334c2a335fa2242
196bed4faf0fe38b89a496b1f41319b2a8077263f85819f8ad42933e0a2e2e52
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cbdf0ae9abb3ca541bac1e7b45aff35c712eaed7f066a55ed8b2f3934cc0ba3
1e8884b812a0a793a7f2ddba68172c2eb07561a283357cf1dcb6abb123216a0a
23263a19c0dc4b29036a56f858a2b6f915ea0e415ed7c46071a071f170626c88
233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e
2443427f167766f8f510501f9ad97ecbe950a773f82b69623fac883cf69b7000
245fbb6026df1dc8b342dae21ed2feff0ba0a23a6343ff378d7b99215d47e19f
24719977091e8bcc0071cf9d6515c874e8c2f1b96695367c1141aeba7710e1c8
2627a4b390439046af11a57125360d12a8d41911a60147c25722f2696f45d4c2
2b2c2f9810fbe4d8643c2f6b9359daa7dd67b78cffa63e6746202c76d068547e
2dfc6869335d78decb5a3d0fe0220dd780f6d14312a294341c8e42db6d0d21b8
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
35aaba0db8356ff16ea47d9ed2e8bb77b9cd3e72c83082c50c9a807cbbd3f003
3647d841b21197b1efa74e92c861a3bf4cebef0f9a33f5a4c0ea276d74c768b0
3684b8902fe2f3f96b32be42dca7f2621827f8c8b92fde984b5b1787dd06a17b
368d51a97790b090cb0597daa63b23f2a867d7c2cf8f14a33bc899263b5237aa
37a1e8cc557d9a9e8d65b4ab06d50e0583e51b265b08d70401071f1f9101d6db
38d473ccf1d052f10f6d310cb2250d360f2f94a338096c6d35dd6a89a52e9f1b
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3e6acde1a483c1cfd05ef515b8a74523c2aa0c12e16d8ce04ae32275731d8782
41807a5e23946d0b786f2c78b61eacc9372e977e3db74e5d377b93298d5a85bf
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
42c56e1b734c9a5ff17dbdd645670d8f3aa0f94ee5ab0209c87562a8f4a357bd
43f76ddeb74fd27404931626f538479f9e8712998f771e163da794109c54eb5b
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
443fbb7859059f3f3646c43bc57d5fd0d0120327f3841c0ed37e921873ac5be7
4463996b808a043a2091ce400b56adcdb7407264272e6d2e389075e143e1c901
4504ebe0b37dc30638127168ce5791579dc963de69c2e16f4d242af4ef22ce8b
45489ffcf01ef61169bda340908095cfc2c0ddcfa78a6cad71a2d1b636feccdf
45a6eea93903fe37410887ca5eb4605572ecfaf1968387365ec9ed9331a36487
46af13bd348d946968c6bd1c844dccbca02856ecdcaa8dcb35969e99d1399562
47d11b41f78f9e37dcb3a72ee46bf1d485026a70062133b13c05ff38ec76a5ec
4834aa58000857ce42bdc4ae2322104fbbb5c0e96a7dbd4deab73900ae9d23a7
4b74b7b6a66111151aeb7bedd0efa51fb7583e823f4e688ed5fa55ce19ed0de6
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4cb4122592bfa905b2f19c491d0beb0f47a6e609694998e2f002e5e5d403b521
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4e339691cd1f12186b031362222f78b1e0acd8c11e5e914824353e7092ca7d5a
4ea735c25bb36d6130e169c43dd545f9ab091b791672b1538046ebedef3308f6
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
4fa7ec697bf8621323b54ea9564039c9522a9d18e14c7e760df8c6bf03a961a3
501c8b7edd85aa5b93a52254d40cf04d754018292b113caf7f76441701d30a0a
51b9e496dabd91fd220e3ef93ad76af73679a99f9f1435d84b9afbca9fbc90d7
5222d5b2ac9707fd616d1c3fe9e3e6feef28a8c4db471ed018debeaf87f55ccf
533e8584fd371930ebddd9c847766750939d7f11e3bed6c1ce6b5bc126ba5eca
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
568f1348a060326db6e1cf816b7beff8a5bf6ba2b57f3d11d58639ff969b6f3e
578332cd14c1c8f1c9ea7cc966ca50ae73945b7de3055e07f06dc099d4feeee0
579683e317a76a9a6758e42680b394e80957cbdd2863c25abac9a875852abfc7
587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37
59c8443986ab4a9ccddb2b552c26376cfa8e83891aeaf2f18fb841b648eb1841
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c569522330e4e6b040229701ae98650839c5baa9912e15f821ffef8341187f5
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5efd842e976610278c76b11ffcfecc869e13763685cbda1febb8437e49f868c9
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61e7bb6d0210c308eb1f6153f18b4063eb715fde885b7d20b4d209d3fcb5a217
62855a25508bf218a96a1179788320756ce0ae0346a586cca1fc5a6b5e7a4668
648edf9ae916dfcdee76440a254934829a87dc6d4e4cd7b8f23ded200cde2ebd
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
66de583396c82e9e1956721424d9f1a422870faba9d46986b5f45bef4b36b276
68bec0121363230f259b5abcfe8287100777c0e3b3d7bfb619d18273a6aa4728
6afaae08a9346fc9ca891d0d80f8483905c1421bca9f918506150566d3912e9a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
6e5e428db22023b1be6d12085c442e65337af4d50a755103d221377931f6b3fb
6eb52a97833a253a404e06ef580bfc474b9883681a2e7abf223b1a9434201bae
6f87c5c6c8e9b349b7fb0517ef8246042cc2a2d64406f9e4a9be1a6b776d7435
709432d669fa084fba23a097defbdecc8097a07717c30ac6f915314bf2a05933
74cc6a206326b8229276585c91ff2029af2061b89ffbadb4e5873353cf6e93ae
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
7915441a8142774ad40d9d34446b14e61bd474e475e71569a4e9aa0249e6f052
7a109bbaf31b60ea0c1182758f73e7e2050aeabc9d37913ebc0c72030a48cf23
7a156f2f864432042b65e6a619f067bca03c7eaf855a7dcce14166f2f77a3487
7c356a9d56062296d80aaa7faa72446bedb5e783aa6a9c557e1efddaa6055258
7d2949d827d3f71a1a610d17034a34844cc3f2169cb8ce1c4b28665316bc0c0a
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
80669a9bb1655e529ea0f150945f879706df8fc3957bc1c02d07cdbb6862f60b
80e9a74251b9a8f1f7e72a0ea7cbd8905e4777b931e92b09f545087161fa0b37
824881cb24a4442381024afdf51da2932d717bb59cb549edc4cad3e00394bdce
828ef7357ef25a04a505c7f21b1418620b4c13faec1ac0d562e2127400c751fb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836e98f92408ccb7250927acef9b494fbacc18678ef18888f835101557bddd37
848f5ae901a6db38f9cdb30ad9d2908962b6bad10c6ca2239cc9e5c73040fb2b
87a5d2695ca566cd18fcecad1d456ea816f37a1d0be39d02fd3207fc6d814078
8edb9219b445a1c8563996fcce85a134a0792d984f355208c59ea2b9937d8842
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93ffe8a780b4034c7b14ac0d57d752368b53eafc734d906c8cdf3d3642a9eb36
972688e6f6c24d2b23019a796b19f90515ba5f4ff744747c072b79fa44de3432
97c8f279229e1db1fc340de3c4fbf154ee841b0d7015ed146f4bc9ea100906bd
980aba21181e373e49d5e2602223454f0bb78ccb263eabcfb850abb14ad8c904
9a0a34bc67f5d3623591214473ac2d449be18a8ce1cb5e531b185ef22a09b31f
9a19f69eb87e131998e91350c4eb6f55a44de97614261b1af11694576949ac39
9a2d11b76feb7a9e531a9d055fae88e495017645e5c823a010c818a7744b2c45
9f63a857b5ebb64b3da797bf94dfc4a55cf5093abf3827f2a3363a5607711996
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
a1323bcfc774c0eca14adb6af88eac4bf5a2f4ab1779f49a427e04704395f086
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e265af7b140bf70ba7a061b8ddee61e32ced0c50d985f0b05cdfe061112cb5
a4c1a28b558123a2b5d360e8c0fba3f7cb58ea5ccd964d922faf7de4ad71a2b0
a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0
a83f97dd7536fbcc1bafa5c1be111c22e399d9b42edd945d7b4af211b13c514d
aa1c72e44c5aa91d24fc6ef2966a7d68363dd342bc325989e9f4dfaae39f54f0
ac61caa96282b030749550bf4f33e240812d42ebaa3172f3b3fc565520349e1c
af8154b4747aed3f4ad58f3b3d69168bf81a701b0e2eb4d91799195183ad76c6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
affb9932bff9e7dbe3083ea34d06d7f6e68c86ef53b0758d23ba9d10c16174b8
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b3189d819e9c55418f99bf36614b7f942e7f8205d410f16a7038b90d4e9b0ae6
b662bc3fe280e89adbb250cc5237e6a6012f9bb6aca4ed6052a459e6837a7aba
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
bc7b145a0eb35703d5ce10b9204920b9d09e4454bc2288addc9ed5142862f9cd
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd6def1ae1509946499390f95acaa1fd39a76452c8312f165d2bc0b791c9e0ef
bf3722b93fa395dc556c14f331f86a9d5e31fa813e46f0cfcb8afd19fae33034
bfa9441fac08fbebcfc65e202a788744aab8e4b1f634eaaf800256dce5012813
c13d9e4af00e319f622cc306225f1286dff17721033f52d7cf91c51e18d0f6eb
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c30c5b740610275fd73ab469fea10cc11844d60befb266be86845c738b2ecec4
c3ef28a4f156c353239b74328046126175c702be2d89b9a24c8527a8b53ee0e4
c7784ca8f7f2210f1e951a9e3a3433278af55374c5fdbb4f33d730c1229b0888
c85d4f64101e48851e2a89069e50aefd6aeb901c535c7aa39986903d4baf1353
c8c066c331d08eaf858338789a0499c5ad85cfc6325d7685ea8a9463750d8684
c9bf057820b3b0223c468e08beb0d41a12b451e224308149bc05f0d4a607fcab
cb56816d72e7289b2aab8ba19bd1bdb4708cbbc7e70d7f38f9138a4dd10215a5
cce83fa2c5096e414c0e32c9fc07ba011e2f4d67a51f9c4155651122329ec0dc
ceed2b896bd2336f7492c8568f1d28ec27043c57e0fde01f383f242658d0496c
d068841edda9bc2bc6e85dee475dc732a4632e2dc48000b616536fb5aaa4625d
d075070aee6fff82f826766497e5141a38f5ae89ec2d91600c7ba9da58191e35
d13387653d66a2b69f03b18aa15c681d81b9b2fc25bf66bf0525802ba706da05
d3d1fc3b726f87e9440670838b6d33dc22ee1c854274724b27de90be75d1069c
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d68605f97c0c27101ea06a1276a2e55c2bf65f0e07e8e0c11be145addde1344b
d94db9ce60ff8e6a0e1dcdab83ff6d1f60dd5c28b50d8f027f5fe268f87fa5ef
d9f03d2078c5342b17d3263a43bfd0a7821403c59e4900e5cc05eff04631960d
da360ca7e83587e1bd7c15be023c50be227e22ac5322d0b405585ddd4d542952
daf181ab9ead5372eefb6fe5d87704d7abdbfa6c09e4c79a2a2f688c6fac5ada
db0fe819895d07af230d0f21f183ae4c9ecdec27664f004c6ac8844deaf55adc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5ba330570616401d1840de0075059a65e62280b8d2524334be84290f43a4d7
e0adb7430cf5745bf1d05eec5a8f8fc6985e6561b3437fcb43f84f55219c02b7
e0f987f16687328f1504bff870acba9b30333eff550220a7307f9fe7e73fb5d2
e19a0e64789068d756a1b250084e54bb0ef77da66685e3dd9eafdc9a71ea1406
e231a94b4ca4df6170ef81b5fed34e3bf6fbb32d1a94d4c441029c63e373b81c
e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e
e8b416c2f2a14bb138209a5ce434802a742d3de53ce668445485e5423efa1fb2
ea2dd31704608166bfd31e6c1b54027061ea568cd9aa1163656843a5907ac45d
eb6481e44617b3e40d345b2df5e20965503b4ab87c9346a43894f93a601ccde7
ee991e02add6bbe26b55d521d8f83e94031eb9f9f636b30756d4e3fc09a3cff4
ef138d7fbd35f65650c0cc7812600026e6ddd9daf470e3e3d7699ccdce1b1642
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d424362aca158ad49da19b48c212e687fbed93ece9fed06fcf8871f5f64c5f
f67eb60570b3cafc392cb473d3f7f2dc3ea0f0299f34d6efbdb2506433745516
f975207e21041e251c165009f22311cc20b0acf1477d309fd62538beb50e0eb6
fa34de993dea91eb0120c3745378192fa1177ba8ec5772e08632318d1d5e1267
fa812cf93c26919828ff799b345e6955e91c68a3daa7f405dbcd5f7de80bada4
fb973b78d9c01f9cd135fa7a5b10e8e163739cc709902f20b4524f3262675ba5
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

threatresearch.ext.hp.com Open in urlscan Pro 192.124.249.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

178 Requests

99 %HTTPS

65 %IPv6

14 Domains

18 Subdomains

17 IPs

4 Countries

8805 kBTransfer

13863 kBSize

19 Cookies

207 Outgoing links

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatresearch.ext.hp.com Open in urlscan Pro
192.124.249.59 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

99 %
HTTPS

65 %
IPv6

14
Domains

18
Subdomains

17
IPs

4
Countries

8805 kB
Transfer

13863 kB
Size

19
Cookies

178 HTTP transactions
0 data transactions