URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Submission: On January 10 via manual from GB — Scanned from GB

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 44 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is research.checkpoint.com. The Cisco Umbrella rank of the primary domain is 868778.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2023. Valid for: a year.
This is the only time research.checkpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 141.193.213.20 209242 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
44 6
Requests  Apex Domain (Subdomains)                                                  Transfer
27        checkpoint.com (research.checkpoint.com — Cisco Umbrella Rank: 868778)    584 KB
13        cookielaw.org (cdn.cookielaw.org — Cisco Umbrella Rank: 625)              159 KB
1         onetrust.com (geolocation.onetrust.com — Cisco Umbrella Rank: 950)        304 B
1         googletagmanager.com (www.googletagmanager.com — Cisco Umbrella Rank: 114) 117 KB
1         jsdelivr.net (cdn.jsdelivr.net — Cisco Umbrella Rank: 438)                3 KB
Total: 44 requests, 5 apex domains
Requests  Domain                    Requested by
27        research.checkpoint.com   research.checkpoint.com
13        cdn.cookielaw.org         www.googletagmanager.com, cdn.cookielaw.org
1         geolocation.onetrust.com  cdn.cookielaw.org
1         www.googletagmanager.com  research.checkpoint.com
1         cdn.jsdelivr.net          research.checkpoint.com
Total: 44 requests, 5 domains
Subject                  Issuer                   Validity                 Valid
research.checkpoint.com  Cloudflare Inc ECC CA-3  2023-06-15 - 2024-06-13  a year
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2023-05-02 - 2024-05-01  a year
*.google-analytics.com   GTS CA 1C3               2023-12-11 - 2024-03-04  3 months
cookielaw.org            Cloudflare Inc ECC CA-3  2023-04-01 - 2024-03-31  a year
onetrust.com             Cloudflare Inc ECC CA-3  2023-11-13 - 2024-11-12  a year

This page contains 1 frames:

Primary Page: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Frame ID: 0A497C50F740528BA668BD5FC4444726
Requests: 44 HTTP requests in this frame

Page Title

Page not found - Check Point Research

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 44
HTTPS: 98 %
IPv6: 80 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 864 kB
Size: 2172 kB
Cookies: 3

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
139 KB
32 KB
Document
General
Full URL
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
f2743d499a88de04456158c043a0615a6e7c13caba9f23dbd5bbd09c5523b9c7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8435399dbdc763fc-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 13:21:48 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://research.checkpoint.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-cache
MISS
x-cache-group
normal
x-cacheable
non200
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine
style.css
research.checkpoint.com/wp-content/plugins/gutenberg/build/block-library/
110 KB
15 KB
Stylesheet
General
Full URL
https://research.checkpoint.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=17.4.1
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9888540dccd636c2edffbc0986fcec9a2efc37d43c2f949bfebae77c8a141c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 01:38:38 GMT
server
cloudflare
age
467824
etag
W/"65975d9e-1b978"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba0b63fc-LHR
alt-svc
h3=":443"; ma=86400
styles.css
research.checkpoint.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://research.checkpoint.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.5
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 13:38:17 GMT
server
cloudflare
age
1898781
etag
W/"65819cc9-b4e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba0f63fc-LHR
alt-svc
h3=":443"; ma=86400
email-subscribers-public.css
research.checkpoint.com/wp-content/plugins/email-subscribers/lite/public/css/
2 KB
852 B
Stylesheet
General
Full URL
https://research.checkpoint.com/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.7.6
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dadb4e80b981be80b2657b58ee143dbdd7aa933fe567f2cc9d57a2db3be3be95

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Jan 2024 13:38:24 GMT
server
cloudflare
age
601647
etag
W/"65956350-85d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba1563fc-LHR
alt-svc
h3=":443"; ma=86400
style.css
research.checkpoint.com/wp-content/themes/research-th/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/css/style.css?ver=1.05
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b95b185ec036242735e48885162a9ddf52c30e7fe8b19511fa07ed59c9d980

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 13:42:13 GMT
server
cloudflare
age
5111727
etag
W/"63a1bbb5-5d0c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba1763fc-LHR
alt-svc
h3=":443"; ma=86400
style-nav.css
research.checkpoint.com/wp-content/themes/research-th/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/css/style-nav.css?ver=1.05
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a1aa786eeb8a006e822020287f1434c65983f1931e69b6bff866b0fb5f02c8e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 13:42:27 GMT
server
cloudflare
age
5379588
etag
W/"63a1bbc3-28e2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba1963fc-LHR
alt-svc
h3=":443"; ma=86400
style-header.css
research.checkpoint.com/wp-content/themes/research-th/css/
1 KB
628 B
Stylesheet
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/css/style-header.css?ver=1.05
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9032a8b5e61cec2c69de298042627f781cc06c6cb120aab1fc5b1528aba3f86b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Oct 2022 05:30:45 GMT
server
cloudflare
age
3564481
etag
W/"635a1785-5df"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba1b63fc-LHR
alt-svc
h3=":443"; ma=86400
style-footer.css
research.checkpoint.com/wp-content/themes/research-th/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/css/style-footer.css?ver=1.05
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fc347f15221a4c34bfde0fcfb780f5b189093ce04ab198a923a9b14e37a957

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Oct 2022 08:59:21 GMT
server
cloudflare
age
6164843
etag
W/"6358f6e9-1334"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba1c63fc-LHR
alt-svc
h3=":443"; ma=86400
style-blog.css
research.checkpoint.com/wp-content/themes/research-th/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/css/style-blog.css?ver=1.05
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec0cfddb361d862ac8d3e993de62ba5f5c2050067d38d40ce179204e5bd84cd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 08:29:43 GMT
server
cloudflare
age
2139598
etag
W/"63f480f7-3710"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba1f63fc-LHR
alt-svc
h3=":443"; ma=86400
enlighterjs.min.css
research.checkpoint.com/wp-content/plugins/enlighter/cache/
78 KB
9 KB
Stylesheet
General
Full URL
https://research.checkpoint.com/wp-content/plugins/enlighter/cache/enlighterjs.min.css?ver=lB++6JpXuZRbV9F
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db9f73aadc19fc7a482d18f2ad3626268a76237e4d64f07d46214ca3fed20d6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 21 Jan 2023 01:38:41 GMT
server
cloudflare
age
2139598
etag
W/"63cb4221-1388a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba2063fc-LHR
alt-svc
h3=":443"; ma=86400
jquery.min.js
research.checkpoint.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://research.checkpoint.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 15:31:10 GMT
server
cloudflare
age
4915471
etag
W/"655392be-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3ba2263fc-LHR
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
research.checkpoint.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://research.checkpoint.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
age
5111725
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3fa6f63fc-LHR
alt-svc
h3=":443"; ma=86400
logo.svg
research.checkpoint.com/wp-content/uploads/2022/11/
13 KB
4 KB
Image
General
Full URL
https://research.checkpoint.com/wp-content/uploads/2022/11/logo.svg
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9b15133f0faf5f07e29893254f03fbd9e9821b81aa81cb047db37454e2afd4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Nov 2022 07:23:09 GMT
server
cloudflare
age
2882362
etag
W/"637b275d-330f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a3fa7163fc-LHR
alt-svc
h3=":443"; ma=86400
CheckPointResearchLogo_white-1-e1671590634727.png
research.checkpoint.com/wp-content/uploads/2022/12/
2 KB
2 KB
Image
General
Full URL
https://research.checkpoint.com/wp-content/uploads/2022/12/CheckPointResearchLogo_white-1-e1671590634727.png
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cd72d7844c372bdcc8325ed231d9ddfeb3174c544146109f87acea263e32a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
cf-cache-status
HIT
age
2406191
cf-polished
origFmt=png, origSize=2798
content-disposition
inline; filename="CheckPointResearchLogo_white-1-e1671590634727.webp"
alt-svc
h3=":443"; ma=86400
content-length
1668
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 02:43:54 GMT
server
cloudflare
etag
"63a272ea-aee"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
843539a3fa7363fc-LHR
popup-side-image.jpg
research.checkpoint.com/wp-content/uploads/2022/10/
292 KB
292 KB
Image
General
Full URL
https://research.checkpoint.com/wp-content/uploads/2022/10/popup-side-image.jpg
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
553f897565041527748c1adf31d5b2edd1e92c03e1abf46319fcaf3c4d7504c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
cf-cache-status
HIT
age
3557954
cf-polished
origSize=320521
alt-svc
h3=":443"; ma=86400
content-length
298884
cf-bgj
imgq:100,h2pri
last-modified
Tue, 11 Oct 2022 13:40:52 GMT
server
cloudflare
etag
"63457264-4e409"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
843539a46e4e8891-LHR
sharer.min.js
cdn.jsdelivr.net/npm/sharer.js@latest/
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sharer.js@latest/sharer.min.js
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5171a78670b031914e623431a33a3d73c1ea9897e552ba73bc2c2da7c777b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8942
x-jsd-version
0.5.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230024-FRA, cache-lcy-eglc8600034-LCY
x-jsd-version-type
version
server
cloudflare
etag
W/"1cf4-rU4XDuIRpC8036n5raFlH/qnNeg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7KMFOWToxsY4W5u1PBwgJlt55TTXsqSBZaA5ww%2Fj7B74hPialn1lqdzfoZTGRZndVQu8j4nJwLai9fGfG3w5Ol73KOPOTcCAKjLPpIp7NwZiJNXOYPrOFRiQj8%2BP8ESP57iZqmRJrk7Eh3zAb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
843539a4fdd4496c-LHR
index.js
research.checkpoint.com/wp-content/plugins/contact-form-7/includes/swv/js/
11 KB
3 KB
Script
General
Full URL
https://research.checkpoint.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.5
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 13:38:17 GMT
server
cloudflare
age
1898781
etag
W/"65819cc9-2b6d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a46e578891-LHR
alt-svc
h3=":443"; ma=86400
index.js
research.checkpoint.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
4 KB
Script
General
Full URL
https://research.checkpoint.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.5
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 13:38:17 GMT
server
cloudflare
age
1898781
etag
W/"65819cc9-337e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a46e5a8891-LHR
alt-svc
h3=":443"; ma=86400
email-subscribers-public.js
research.checkpoint.com/wp-content/plugins/email-subscribers/lite/public/js/
5 KB
2 KB
Script
General
Full URL
https://research.checkpoint.com/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.7.6
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fc951cd05171c077bec2cdacc53a0acbf7fd40945ae524a5a755b4da567d12f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Jan 2024 13:38:24 GMT
server
cloudflare
age
597807
etag
W/"65956350-1406"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a46e5b8891-LHR
alt-svc
h3=":443"; ma=86400
main.js
research.checkpoint.com/wp-content/themes/research-th/js/
15 KB
4 KB
Script
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/js/main.js?ver=1.05
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f67615b13bf8ecc66f48c43e4dc6226aabb7a1e3d715dc75cfe0d7c1d8d9e9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Feb 2023 21:16:04 GMT
server
cloudflare
age
6149474
etag
W/"63f7d794-3d8e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a46e5d8891-LHR
alt-svc
h3=":443"; ma=86400
enlighterjs.min.js
research.checkpoint.com/wp-content/plugins/enlighter/cache/
62 KB
18 KB
Script
General
Full URL
https://research.checkpoint.com/wp-content/plugins/enlighter/cache/enlighterjs.min.js?ver=lB++6JpXuZRbV9F
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d31599822dae1353d655633c6dbd9454ef2138d172798f4a91119eedd6d89d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 21 Jan 2023 01:38:41 GMT
server
cloudflare
age
5293309
etag
W/"63cb4221-f756"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a46e5e8891-LHR
alt-svc
h3=":443"; ma=86400
6c7c9490-8238-421f-9e1d-09aa80004f3a
https://research.checkpoint.com/
1 KB
0
Other
General
Full URL
blob:https://research.checkpoint.com/6c7c9490-8238-421f-9e1d-09aa80004f3a
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/
426 KB
117 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e11fc40937e1f604d2042e8db6ac35bbf343c344e379be306e936808fd6aee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119781
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 13:21:48 GMT
bg.jpg
research.checkpoint.com/wp-content/themes/research-th/img/
99 KB
99 KB
Image
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/img/bg.jpg
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/themes/research-th/css/style.css?ver=1.05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecfde1ab3205a97f8d6488f8fe07edb38196624c274041c007e0a36c6f806df1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/wp-content/themes/research-th/css/style.css?ver=1.05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
cf-cache-status
HIT
age
3647801
cf-polished
origSize=112945
alt-svc
h3=":443"; ma=86400
content-length
101603
cf-bgj
imgq:100,h2pri
last-modified
Sun, 23 Oct 2022 06:59:04 GMT
server
cloudflare
etag
"6354e638-1b931"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
843539a47e628891-LHR
dinot-regular.woff2
research.checkpoint.com/wp-content/themes/research-th/fonts/
14 KB
14 KB
Font
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/fonts/dinot-regular.woff2
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/themes/research-th/css/style.css?ver=1.05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a31917442bfa37758ad0fc7f79dc0f7fc685e6f1efafff08e63a829da32f1b

Request headers

Referer
https://research.checkpoint.com/wp-content/themes/research-th/css/style.css?ver=1.05
Origin
https://research.checkpoint.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Oct 2022 06:39:55 GMT
server
cloudflare
age
266661
etag
"6343be3b-38e0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
843539a47e638891-LHR
alt-svc
h3=":443"; ma=86400
content-length
14560
dinot-bold.woff2
research.checkpoint.com/wp-content/themes/research-th/fonts/
14 KB
15 KB
Font
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/fonts/dinot-bold.woff2
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/themes/research-th/css/style.css?ver=1.05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f466e5f27a4a9b551b0f43f67dbacf89707f06e70456eabf5908262c65b227c

Request headers

Referer
https://research.checkpoint.com/wp-content/themes/research-th/css/style.css?ver=1.05
Origin
https://research.checkpoint.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Oct 2022 06:39:20 GMT
server
cloudflare
age
260726
etag
"6343be18-397c"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
843539a47e668891-LHR
alt-svc
h3=":443"; ma=86400
content-length
14716
dinot-light.woff2
research.checkpoint.com/wp-content/themes/research-th/fonts/
14 KB
14 KB
Font
General
Full URL
https://research.checkpoint.com/wp-content/themes/research-th/fonts/dinot-light.woff2
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/themes/research-th/css/style.css?ver=1.05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
487c3648e4cc8b906914cfebe8ea5e78c9aaa4fd9cafcd73e887d08bc8a4a207

Request headers

Referer
https://research.checkpoint.com/wp-content/themes/research-th/css/style.css?ver=1.05
Origin
https://research.checkpoint.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Oct 2022 06:39:28 GMT
server
cloudflare
age
260726
etag
"6343be20-37c4"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
843539a47e678891-LHR
alt-svc
h3=":443"; ma=86400
content-length
14276
wp-emoji-release.min.js
research.checkpoint.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://research.checkpoint.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
age
388330
etag
W/"63db0985-4904"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
843539a628e78891-LHR
alt-svc
h3=":443"; ma=86400
schema
research.checkpoint.com/wp-json/contact-form-7/v1/contact-forms/26727/feedback/
399 B
631 B
Fetch
General
Full URL
https://research.checkpoint.com/wp-json/contact-form-7/v1/contact-forms/26727/feedback/schema
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
ce51456ae815a1005d24c90fcbb46bcbf11094570a259061e5d3d52188d9f052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, */*;q=0.1
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
x-cache-group
normal
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
SHORT
content-encoding
br
x-powered-by
WP Engine
x-cache
HIT: 24
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
allow
GET
content-type
application/json; charset=UTF-8
x-frame-options
SAMEORIGIN
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
x-robots-tag
noindex
link
<https://research.checkpoint.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
843539a628e98891-LHR
refill
research.checkpoint.com/wp-json/contact-form-7/v1/contact-forms/26727/
2 B
424 B
Fetch
General
Full URL
https://research.checkpoint.com/wp-json/contact-form-7/v1/contact-forms/26727/refill
Requested by
Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, */*;q=0.1
Referer
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:48 GMT
x-cache-group
normal
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
HIT: 16
alt-svc
h3=":443"; ma=86400
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
allow
GET
vary
Accept-Encoding,Cookie
content-type
application/json; charset=UTF-8
x-frame-options
SAMEORIGIN
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex
link
<https://research.checkpoint.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
843539a6b9ce8891-LHR
OtAutoBlock.js
cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/
12 KB
5 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/OtAutoBlock.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e6085a83d493692a699bea227a31e109363c06854e28e1da65a04ef3d70fe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
80988
content-md5
WwUkV5wh2t7Z7UjEoYbLXg==
content-length
4498
x-ms-lease-status
unlocked
last-modified
Wed, 25 Jan 2023 19:56:22 GMT
server
cloudflare
etag
0x8DAFF0E3C195A14
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
710b50aa-c01e-001f-0bb5-0c8a87000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843539a7cbc98865-LHR
expires
Thu, 11 Jan 2024 13:21:48 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FWT01iLvZ++xUAz3aesSug==
age
30131
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jan 2024 02:58:27 GMT
server
cloudflare
etag
0x8DC118804F54428
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
59c2a423-901e-0002-7072-43873b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843539a83c948865-LHR
6be79097-5aaa-4b3b-8be4-f464d92cf186.json
cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/6be79097-5aaa-4b3b-8be4-f464d92cf186.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cde084bc5ee04ea9bc5d4f5cd4c5c98443beed4311deecc87cb7eefc1533bcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
17404
content-md5
CqflGnWicKogdVwRp1k/JQ==
content-length
1762
x-ms-lease-status
unlocked
last-modified
Wed, 25 Jan 2023 19:56:24 GMT
server
cloudflare
etag
0x8DAFF0E3CE1BE4A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c2bc0330-301e-0056-6e9f-0bc86c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843539a92b7f63c7-LHR
expires
Thu, 11 Jan 2024 13:21:49 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
304 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://research.checkpoint.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:21:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
843539aa2b0b4969-LHR
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202301.1.0/
395 KB
94 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TPatHKMti4L8TVrK0PWkxg==
age
23632
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
96303
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 03:39:35 GMT
server
cloudflare
etag
0x8DB14866ADAA84A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5e262276-701e-0068-1464-235f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843539aa9fe08865-LHR
en.json
cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/6c0f7219-922c-429c-8b72-e13962a62e3c/
140 KB
25 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/6c0f7219-922c-429c-8b72-e13962a62e3c/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
605b729d5714cedbe1a4e4a2bf496da36ca9ce49a49e2b71d20a2befd9f251db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
c+MpxVJOA8ow2bb1kvQPPA==
content-length
24990
x-ms-lease-status
unlocked
last-modified
Wed, 25 Jan 2023 19:56:26 GMT
server
cloudflare
etag
0x8DAFF0E3DF1A8E0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2691ac97-801e-0053-11b8-211ab7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843539ab5e4f63c7-LHR
expires
Thu, 11 Jan 2024 13:21:49 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JRquOrwnT+1fACynxEiZlA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 03:39:28 GMT
server
cloudflare
etag
0x8DB148666B3B223
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7b47ed43-f01e-0059-498f-0cbe00000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843539abef3f63c7-LHR
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/
61 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70fd7f6ced21739e10103744c72acdfc8e8422502d74d4fad2ddfab3aed0bbc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ykryv/G09FP6w4m7cogHHg==
age
17404
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12548
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 03:39:30 GMT
server
cloudflare
etag
0x8DB1486680298ED
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e1c3ec41-b01e-00ee-7370-7fd265000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843539abef4063c7-LHR
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wkJHHbnp3s43+NZzgCj5tg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1767
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 03:39:30 GMT
server
cloudflare
etag
0x8DB148667BDAA3D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cf8250d1-201e-0065-6233-2797c7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843539abef4163c7-LHR
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
17404
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 03:39:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
13da7afd-d01e-002c-051b-15d52c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
843539abef4363c7-LHR
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
600 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
33213
x-ms-lease-status
unlocked
last-modified
Tue, 09 Jan 2024 03:40:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
432c20f4-c01e-0052-0cb8-42456b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
843539ac5c328865-LHR
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
489 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Tue, 09 Jan 2024 07:10:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f4894e34-601e-0064-4e5f-43c81b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
843539ac6fed63c7-LHR
privacy-center.png
cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/9b630f80-0ad4-4be8-9223-a37ab5e74b02/5ea19ec2-7813-4a8e-b4ea-6f87c8959b4e/
1 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/9b630f80-0ad4-4be8-9223-a37ab5e74b02/5ea19ec2-7813-4a8e-b4ea-6f87c8959b4e/privacy-center.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cfe2988dd0e1d6bcc63e394d2818003d0a121a5a8de88a6ba8caf91dbc48c96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HnzIqzk5bF7upvrzwNVyQA==
age
15616
content-length
1478
x-ms-lease-status
unlocked
last-modified
Fri, 28 Oct 2022 21:43:30 GMT
server
cloudflare
etag
0x8DAB92D747F1094
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
f4f42486-e01e-0027-18e7-1d2e47000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843539ac8ca08865-LHR
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://research.checkpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 13:21:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
24347
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jan 2024 03:41:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1bad51f1-201e-004a-7978-439a0c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
843539ac8ca48865-LHR

Verdicts & Comments

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery string| ajaxurl string| siteurl object| dataLayer function| closePopup function| openPopup function| addClass function| loadImg undefined| screenW boolean| first function| calcScreenW object| $elems number| winheight function| animate_elems object| lazySizesConfig object| lazySizes function| Sharer object| swv object| wpcf7 object| es_data boolean| active function| closepopup function| windowWidth767 function| openPopupMassage function| downloadLink function| videoclosepopup function| copyToClipboard number| body_width string| id_initial string| link_initial object| EnlighterJS function| EnlighterJSINIT string| user number| wintop object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| onYouTubeIframeAPIReady object| twemoji object| wp object| cpxUrls string| queryParams object| paramString undefined| j undefined| currentElement undefined| currentHref undefined| modifiedHref object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust

3 Cookies

Domain/Path Name / Value
.research.checkpoint.com/ Name: __cf_bm
Value: uRdqmxpyt4i6Gn0D44yBh9LT9EG7rwWuL_i3S6BhvW4-1704892908-1-AfmMOXGURHlD3rr45LU7qdrmiBAa6oYkfLIr0Ac+F/KBWqi089poZxGO9B8GYEv98Js9n5FapTDWz59kg8sPMTs=
.checkpoint.com/ Name: _gcl_au
Value: 1.1.1427960058.1704892909
.checkpoint.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Jan+10+2024+13%3A21%3A49+GMT%2B0000+(Greenwich+Mean+Time)&version=202301.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fresearch.checkpoint.com%2F2023%2Fthe-obvious-the-normal-and-the-advanced-a-comprehensive%2502analysis-of-outlook-attack-vectors%2F&groups=C0003%3A0%2CC0001%3A1%2CC0002%3A0%2CC0004%3A0

1 Console Messages

Source Level URL
Text
network error URL: https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive%02analysis-of-outlook-attack-vectors/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
