blog.morphisec.com Open in urlscan Pro
199.60.103.31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Submission: On July 12 via api (July 12th 2024, 9:07:35 am UTC) from IT — Scanned from IT

Summary HTTP 164 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 47 IPs in 6 countries across 36 domains to perform 164 HTTP transactions. The main IP is 199.60.103.31, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is blog.morphisec.com.
TLS certificate: Issued by GTS CA 1P5 on May 15th 2024. Valid for: 3 months.

This is the only time blog.morphisec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
56	199.60.103.31 199.60.103.31	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	104.18.91.62 104.18.91.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2400:52e0:1e0... 2400:52e0:1e00::1080:1	60068 (CDN77 _) (CDN77 _)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
15	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.141.119 104.18.141.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:af5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
8	199.60.103.225 199.60.103.225	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:e30... 2a02:26f0:e300::5f64:9252	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:4769	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
3	18.184.15.116 18.184.15.116	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:267... 2600:9000:2670:f600:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:6bfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8d11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.144.102.7 54.144.102.7	14618 (AMAZON-AES) (AMAZON-AES)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.168 216.58.212.168	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:f26c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.127.196.46 3.127.196.46	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	18.153.4.44 18.153.4.44	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:275... 2600:9000:275b:a600:2:7dc7:8f00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	52.55.22.184 52.55.22.184	14618 (AMAZON-AES) (AMAZON-AES)
164	47

56 199.60.103.31 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blog.morphisec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.91.62 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 _, GB)

consent.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.141.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:af5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.60.103.225 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.morphisec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:e300::5f64:9252 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4769 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.15.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-15-116.eu-central-1.compute.amazonaws.com

snid.snitcher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2670:f600:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6bfe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8d11 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.144.102.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-102-7.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

1534169.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.168 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f26c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.196.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-196-46.eu-central-1.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.153.4.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275b:a600:2:7dc7:8f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.55.22.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-22-184.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	morphisec.com blog.morphisec.com www.morphisec.com	996 KB
18	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 13773 js.hubspot.com — Cisco Umbrella Rank: 3865 app.hubspot.com — Cisco Umbrella Rank: 5364 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3922 track.hubspot.com — Cisco Umbrella Rank: 2271 forms.hubspot.com — Cisco Umbrella Rank: 5404	183 KB
7	hsforms.com forms-na1.hsforms.com — Cisco Umbrella Rank: 6802 perf.hsforms.com — Cisco Umbrella Rank: 14890 forms.hsforms.com — Cisco Umbrella Rank: 4521 perf-na1.hsforms.com — Cisco Umbrella Rank: 4164	5 KB
6	trendemon.com assets.trendemon.com — Cisco Umbrella Rank: 94047 trackingapi.trendemon.com — Cisco Umbrella Rank: 85169	68 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1315 analytics.twitter.com — Cisco Umbrella Rank: 876 syndication.twitter.com — Cisco Umbrella Rank: 1611	31 KB
5	linkedin.com 1 redirects platform.linkedin.com — Cisco Umbrella Rank: 3135 px.ads.linkedin.com — Cisco Umbrella Rank: 333 px4.ads.linkedin.com — Cisco Umbrella Rank: 5939	163 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	162 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	417 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	3 KB
3	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 16169	45 KB
3	google.it www.google.it — Cisco Umbrella Rank: 23570	622 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 133	355 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3541
3	snitcher.com snid.snitcher.com — Cisco Umbrella Rank: 78964	25 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 10946 scout.salesloft.com — Cisco Umbrella Rank: 13915	4 KB
3	cookiefirst.com consent.cookiefirst.com — Cisco Umbrella Rank: 32942	39 KB
3	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 8318	6 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4638 forms.hscollectedforms.net — Cisco Umbrella Rank: 4696	25 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 67	21 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 779	14 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 829 script.hotjar.com — Cisco Umbrella Rank: 1135	60 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 240	32 KB
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 16806	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3670	1 KB
1	hubspotusercontent-na1.net 1534169.fs1.hubspotusercontent-na1.net	43 KB
1	t.co t.co — Cisco Umbrella Rank: 767	375 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2118	26 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3299	4 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5164	92 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2093	26 KB
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 13640	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 839	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	3 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5460	5 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6694	156 KB
0	lltrck.com Failed lltrck.com Failed
164	36

	Domain	Requested by
56	blog.morphisec.com	blog.morphisec.com cdnjs.cloudflare.com
8	www.morphisec.com	blog.morphisec.com
7	track.hubspot.com
6	no-cache.hubspot.com	blog.morphisec.com
4	trackingapi.trendemon.com	assets.trendemon.com
4	platform.twitter.com	blog.morphisec.com platform.twitter.com
4	connect.facebook.net	blog.morphisec.com connect.facebook.net
4	www.googletagmanager.com	blog.morphisec.com www.googletagmanager.com www.google-analytics.com
3	www.facebook.com	blog.morphisec.com connect.facebook.net
3	x.clearbitjs.com	tag.clearbitscripts.com
3	perf.hsforms.com	blog.morphisec.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	www.google.it	blog.morphisec.com
3	stats.g.doubleclick.net	www.googletagmanager.com
3	region1.analytics.google.com	www.googletagmanager.com
3	snid.snitcher.com	blog.morphisec.com snid.snitcher.com
3	consent.cookiefirst.com	blog.morphisec.com consent.cookiefirst.com
3	cdn2.hubspot.net	blog.morphisec.com
2	assets.trendemon.com	blog.morphisec.com assets.trendemon.com
2	forms-na1.hsforms.com	blog.morphisec.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	cta-service-cms2.hubspot.com	blog.morphisec.com js.hubspot.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	snap.licdn.com	blog.morphisec.com js.hsadspixel.net
2	cdnjs.cloudflare.com	blog.morphisec.com
1	forms.hubspot.com	js.hsleadflows.net
1	app.clearbit.com	x.clearbitjs.com
1	syndication.twitter.com	blog.morphisec.com
1	perf-na1.hsforms.com	blog.morphisec.com
1	forms.hsforms.com	blog.morphisec.com
1	api.hubapi.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	1534169.fs1.hubspotusercontent-na1.net	blog.morphisec.com
1	px4.ads.linkedin.com	blog.morphisec.com
1	analytics.twitter.com	blog.morphisec.com
1	t.co	blog.morphisec.com
1	app.hubspot.com	blog.morphisec.com
1	js.hs-analytics.net	blog.morphisec.com
1	js.hsadspixel.net	blog.morphisec.com
1	js.hubspot.com	blog.morphisec.com
1	js.hsleadflows.net	blog.morphisec.com
1	js.hs-banner.com	blog.morphisec.com
1	js.hscollectedforms.net	blog.morphisec.com
1	tag.clearbitscripts.com	www.googletagmanager.com
1	scout-cdn.salesloft.com	blog.morphisec.com
1	static.ads-twitter.com	blog.morphisec.com
1	script.hotjar.com	static.hotjar.com
1	fonts.googleapis.com	blog.morphisec.com
1	static.hotjar.com	blog.morphisec.com
1	static.hsappstatic.net	blog.morphisec.com
1	js.hsforms.net	blog.morphisec.com
1	platform.linkedin.com	blog.morphisec.com
0	lltrck.com Failed	blog.morphisec.com
164	53

This site contains links to these domains. Also see Links.

Domain
support.morphisec.com
www.morphisec.com
engage.morphisec.com
www.linkedin.com
www.twitter.com
www.datawrapper.de
insprl.com
www.nirsoft.net
azuremarketplace.microsoft.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
blog.morphisec.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.cookiefirst.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2024-12-16`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2024-06-13` - `2025-06-13`	a year	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
hsforms.net WE1	`2024-06-13` - `2024-09-11`	3 months	crt.sh
hsappstatic.net E5	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
www.morphisec.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-20` - `2025-04-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-08` - `2025-07-07`	a year	crt.sh
snid.snitcher.com Amazon RSA 2048 M01	`2023-08-18` - `2024-09-14`	a year	crt.sh
clearbitscripts.com Amazon RSA 2048 M03	`2024-05-11` - `2025-06-08`	a year	crt.sh
hscollectedforms.net E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hsleadflows.net E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.it WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
hubapi.com E6	`2024-07-02` - `2024-09-30`	3 months	crt.sh
clearbitjs.com Amazon RSA 2048 M02	`2024-02-15` - `2025-03-16`	a year	crt.sh
syndication.twitter.com R11	`2024-07-05` - `2024-10-03`	3 months	crt.sh
clearbit.com Amazon RSA 2048 M03	`2024-02-15` - `2025-03-16`	a year	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2024-06-18` - `2025-06-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Frame ID: ACA2C2C50A0A37A53BB7CE35C36DD207
Requests: 160 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fblog.morphisec.com
Frame ID: 87BDA3AE1F60C19137C4C4B9A4B6B32E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: A12B6E43ABCD11B27623B37C98C9E86D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ae9c0dbf327b1e5%26domain%3Dblog.morphisec.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.morphisec.com%252Ff50e4a87b11b09096%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&layout=button_count&locale=en_US&sdk=joey
Frame ID: 9DE8E44AD66B3370A04A56ED12F27025
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Breaking Boundaries: Mispadu's Infiltration Beyond LATAM

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

164
Requests

99 %
HTTPS

57 %
IPv6

36
Domains

53
Subdomains

47
IPs

6
Countries

2677 kB
Transfer

7206 kB
Size

42
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://support.morphisec.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/partners
Title: Partners

Search URL Search Domain Scan URL

URL: https://engage.morphisec.com/experiencing-a-breach
Title: Under Attack?

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/products/
Title: Product Overview

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/products/adaptive-exposure-management
Title: Adaptive Exposure Management

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/products/morphisec-windows-endpoint-protection
Title: Morphisec for Windows Endpoints

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/products/morphisec-windows-server-protection
Title: Morphisec for Windows Servers & Workloads

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/products/morphisec-linux-server-protection
Title: Morphisec for Linux Server Protection

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/incident-response-services
Title: Incident Response Services

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/moving-target-defense
Title: About Moving Target Defense

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/solutions/finance-industry
Title: Finance

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/solutions/hedge-funds-industry
Title: Hedge Funds

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/solutions/healthcare-industry
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/solutions/tech-industry
Title: Technology

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/solutions/manufacturing-industry
Title: Manufacturing

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/solutions/legal-industry
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/solutions/k-12-school-cybersecurity
Title: K-12 Education

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/solutions/small-business
Title: SMB

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/morphisec-microsoft-defender-av
Title: Microsoft Defender AV

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/morphisec-microsoft-defender-for-endpoint
Title: Microsoft Defender for Endpoint

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/products/virtual-desktop-infrastructure
Title: Virtual Desktop Protection

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/cloud-workload-protection
Title: Cloud Workload Protection

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/remote-employee-security
Title: Remote Employee Security

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/ransomware-prevention
Title: Ransomware Prevention

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/virtual-patch
Title: Virtual Patching and Compliance

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/supply-chain-attack-prevention
Title: Supply Chain Attack Protection

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/browser-attack-protection
Title: Browser Attack Protection

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/news-and-events
Title: News & Events

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/resources
Title: Learning Center

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/morphisec-customer-corner
Title: Customer Stories

Search URL Search Domain Scan URL

URL: https://support.morphisec.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/arnoldosipov/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.twitter.com/osipov_ar
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.datawrapper.de/
Title: Datawrapper.de

Search URL Search Domain Scan URL

URL: https://insprl.com/
Title: insprl.com

Search URL Search Domain Scan URL

URL: https://www.nirsoft.net/utils/web_browser_password.html
Title: WebBrowserPassView

Search URL Search Domain Scan URL

URL: https://www.nirsoft.net/utils/mailpv.html
Title: Mail PassView

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/schedule
Title: Schedule a demo

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/products/morphisec-vulnerability-management
Title: Morphisec Vulnerability Visibility & Prioritization

Search URL Search Domain Scan URL

URL: https://www.morphisec.com/legal-compliance
Title: Privacy & Legal

Search URL Search Domain Scan URL

URL: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/morphisec.morphisec_threat_prevention?tab=Overview
Title: Inquire via Azure

Search URL Search Domain Scan URL

URL: https://twitter.com/morphisec

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/morphisec

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCe48cR5xTxPJSYMjG-So7Rw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=32136%2C3607898&time=1720775249576&url=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=32136%2C3607898&time=1720775249576&url=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&e_ipv6=AQLvPjPk07KpGAAAAZCmMo9Qy7rSKQao3Ui2JTWv_RQF_kmAGtnCzx_IUa6FwExkomj10g

164 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request mispadu-infiltration-beyond-latam Show response
blog.morphisec.com/ 143 KB
26 KB 177ms
145ms Document
text/html 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

743dab2897708c0bb6d3d28804aaa59eb506de813152a8983515f96840d4bd76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8a1fe2181fe65268-MXP
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 12 Jul 2024 09:07:28 GMT
edge-cache-tag: CT-162037724749,CG-3742504875,P-1534169,L-111241817773,W-110459115301,W-110461035085,W-110617941043,W-17242827075,CW-109590708858,CW-111929326924,CW-148583664153,CW-6224157750,CW-96190736016,E-109591972187,E-109621200285,E-109629951254,E-109788822098,E-110333050473,E-110410292559,E-110414479364,E-110809165900,E-36272650673,E-6213834399,E-6224156614,E-6224925249,E-91587260036,MENU-110459115301,MENU-110461035085,MENU-110617941043,MENU-17242827075,PGS-ALL,SW-1,GC-109628533403,GC-111932574522
etag: W/"6965b0970294bf816642db6112cb2b79"
last-modified: Thu, 11 Jul 2024 13:13:36 GMT
link: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aa5zJ0tVtSRq4PS7iYkfCvmLu7GYg9lLAKGHrosN9%2BDn0mb6NjyOfIxewVaEhzpwOLpqfqRux9D3h9hCb7uWZ8cYMS3GrE%2Bms6Teqhx1mbOBfIPKDuUQ86O8LFmAR5Ozanm2kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-id: 162037724749
x-hs-hub-id: 1534169
x-hs-prerendered: Thu, 11 Jul 2024 13:13:36 GMT
x-xss-protection: 1

GET
H3 200 project.js Show response
blog.morphisec.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 117ms
110ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
content-encoding: gzip
via: 1.1 b17e3799e485082f3a270f6c4550e322.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7909775
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BMOw2BuI00PJLGT5UfktQhIazB89FZQlOXRhZp7UCj1MP%2BDmGzrpEAWzzAy2zPFjcSyHu2Dz3YX2a7yWQT4oBIdDKXzYKG6hi7nXyi4RifnurOq34oktsSklnvGYALVMl%2F0ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a1fe2191a4a5268-MXP
x-amz-cf-id: 3bbSj8Kdp4WhSKnjzyDU9c5dQfphOkmiUWiLAQzv_Ngnt6Q1U3_wPg==
expires: Sat, 12 Jul 2025 09:07:28 GMT

GET
H3 200 project.js Show response
blog.morphisec.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 136ms
126ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
content-encoding: gzip
via: 1.1 032d5acf8b9877b36c8078e2a86a3836.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9806979
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5g1MZP1rtam%2FFxvSE8j2%2FrYKjd1EpRxNgoI%2Fq3j0beLX%2F5cvpNB2%2BSqCnzd5bmX5%2FHUSCTduMgIPxlFhtd3hX%2BAdQBnPEV6osdQoWoQ8MHTysWh1g314tgYzrVMQ6m2rLMAdbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a1fe2192a545268-MXP
x-amz-cf-id: g7aV13gIRreP17-H83ceFqxmrwJ42vExRh50bjxJmIYmj5Xmf3fj6Q==
expires: Sat, 12 Jul 2025 09:07:28 GMT

GET
H3 200 post_listing_asset.js Show response
blog.morphisec.com/hs/hsstatic/AsyncSupport/static-1.122/js/ 3 KB
2 KB 120ms
109ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
content-encoding: gzip
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11187834
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: RefreshHit from cloudfront
x-amz-version-id: nC1hzr07YsutChb9rCwKsMoiyxip8lR7
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:10 GMT
server: cloudflare
etag: W/"d95d7dafd49a1edc76a47120c287b579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46LAm%2BBD15K2T8B8fN6wdLd9CJKHblgEdGFo6YSgf%2BMqAhtefZhbseBhbYVoZAVPqJwSu1puyLNslWpfv6mGxZWgzglIovilIWJT5Qc5EZ01VLSZm8ZSx6zqlN8AIyBhEYZ4pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a1fe2192a585268-MXP
x-amz-cf-id: mhe-XZqlu0UYIouskl3OSMY2m4X2j8did-p1-Mtvgj_trvaRM8b1YA==
expires: Sat, 12 Jul 2025 09:07:28 GMT

GET
H3 200 v2.js Show response
blog.morphisec.com/_hcms/forms/ 482 KB
161 KB 134ms
122ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 241
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5387/bundles/project-v2.js&cfRay=8a1fdc32b47a83ae-MXP
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"56164b8f5dbcf6e65e555e48d5d6176a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5387/bundles/project-v2.js
date: Fri, 12 Jul 2024 09:07:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: mnlqbpb.vUvH_hPLxl7NeOxIrfIBia92
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 7dbd24e4-12ab-4d89-92dd-7d24284eb3dd
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7dbd24e4-12ab-4d89-92dd-7d24284eb3dd
last-modified: Thu, 06 Jun 2024 13:36:59 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2z68m6hhhLDuyYJuX0dobnJMbvKTw6dfvfaydROaBRWudE5cuC2YtmIzIqcdhzjHEkqC0cg11UjAjvYWTzkGk9qmnDjZGE6alW8XjGTMJY4X7eSp0gv3vYOb6rI7Y7jh5RkHTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-zrgzf
cf-ray: 8a1fe2192a5b5268-MXP
x-amz-cf-id: 2irfEqYcB5xr_sjJfq9PwBQwRBg4HoqkskN8QM-TYSnQLnUIE0KujA==

GET
H3 200 reset.min.css
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109591972187/1697111371858/2023/CSS/ 1 KB
2 KB 131ms
119ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109591972187/1697111371858/2023/CSS/reset.min.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

abd611420c0557b18c6fbd0dd66eb643fc3298fbaccd15e0a2ba9fdf78f2ca72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 2603
x-amz-request-id: WS9GJ3E0Y1W663TF
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"fdc18c7998eab7f0173b18cbfee4df06"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1697111372573
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
via: 1.1 a251e31740a6e166e8fdccf296c41644.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: LIGvZMYA2GuHTR7O2Z5oVj7c2QZI5kJK
x-cache: Miss from cloudfront
x-hubspot-correlation-id: 442a620d-81d4-46d3-a1ff-c2d3cf88d226
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 203
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ADMQP+vULYexcmO3qlq3/ntA7pMAD1BEXTcYMSBOxfM1UdUYn0Cwnp+iReLj5LXTVl6kqAvwLHc=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 442a620d-81d4-46d3-a1ff-c2d3cf88d226
last-modified: Thu, 12 Oct 2023 11:49:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V4Jly5jklB6V44oT2sw9mGNclJXOmRBS2TxZC%2BvwQH7u%2FxbHDMuKqjaGqMSDsIDnA8LKA4hIPUVIKsCyqsxOFqzUDeTkl13CnnPYybAboamwUwic4AA%2FsHGYfn26dGfnhegaxA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8a1fe2192a5c5268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: lasT-RQqNGcn6RNPBpCqJzS1xfyMcvvoGEot4fmATwm5gDO16BPUZQ==

GET
H3 200 fonts.min.css
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109621200285/1680693252014/2023/Fonts/ 6 KB
2 KB 184ms
172ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109621200285/1680693252014/2023/Fonts/fonts.min.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

44bc30322b395963cf09e8fb1bee4d07e58d60599a82c4e821cf89ed36d0b786

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 2056
x-amz-request-id: WXVSP36RNJVJ2KZ0
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"129a23607bce2eee640430d3bbfef277"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1680693252902
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
via: 1.1 a251e31740a6e166e8fdccf296c41644.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: dVLtzAKZg__B3uxHbu3a_2GX4VNB5e_S
x-cache: Miss from cloudfront
x-hubspot-correlation-id: ec172105-c0bd-4e78-a90c-8c86d087c142
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 188
alt-svc: h3=":443"; ma=86400
x-amz-id-2: L7uh6xeJ8fOvvVD6OCbqlyMaVeIEz6wz879wdXRBE6hCmV0jlM6vUaibFc6Vqb6MW3vN2NQWtVk=
x-evy-trace-route-configuration: listener_https/all
x-request-id: ec172105-c0bd-4e78-a90c-8c86d087c142
last-modified: Wed, 05 Apr 2023 11:14:13 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2O3Q5k1DqLKhHuU3%2FLR0uTHi8xtLWPxZjukGAXRPrPs3S0S6TKkfhls0wKiIv62dxMv0Vxx96q3GPZPb1d74KHmp5oxYQiDHQpo84Vnlmn1FAqXCNgbThyECXyjlMUL72FHdlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8a1fe2192a5f5268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: neWYEE1oE5kcIaAnHoWIIqlQCLzu7M9YUAv1shlU9_6iCgwn6uliLA==

GET
H3 200 custom.min.css
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109788822098/1682414589849/2023/CSS/ 280 B
2 KB 115ms
105ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109788822098/1682414589849/2023/CSS/custom.min.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7c2ddb591f4a579e867624a9ac11234ee3b7ef13f41c743088d4b4d723b8461

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2603
x-amz-request-id: 0TEWBS9ZW4AA4TQN
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"5c5cddb5467e6fe854b7d0a6f51135e8"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1682414590689
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 936f33bed45438343f0ef2adff442814.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Tnt1z7gJRW9yvpi1rPu2tP7PpekG4_IL
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: b5f661b8-e85a-4ebd-ab12-834fd651d025
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 173
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xoGN3IQVBFPDK/EcdXHlMiU637ho47awTsh9UkXGGaWzMcFXkYo5NN/fiTY/Li0Dzbc+cqjY9f4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: b5f661b8-e85a-4ebd-ab12-834fd651d025
last-modified: Tue, 25 Apr 2023 09:23:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0VS8zJmT6%2Be0A8tMWQkp41Qx2m%2BhEPrKD2kDu%2B0VC5a%2BIeXZLE%2BIAMDEFhc9YFxNUTpIz90wMZw6JTwkGgmCk4l4rKUtEY4EN3jOGl4c3ZMODlkdmGBVa307PEe7LSKFIUwlw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8a1fe2192a605268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: 08RGV2vtv5sRx6rRaNSpBjNIecMWIKnCHjfT8hcLUBp-ApQDHNzA3A==

GET
H3 200 slick.min.css
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110414479364/1681177548465/2023/CSS/ 1 KB
2 KB 132ms
123ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110414479364/1681177548465/2023/CSS/slick.min.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

71815070cf1baa5e8fe6694ab489c18374703c8fb1e11700f2530ccb8fb32d33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 2056
x-amz-request-id: WS9YX6NKECEEMAP4
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"50424795a4c8f41eaba805785dcd11a3"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1681177549173
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
via: 1.1 9b097dfab92228268a37145aac5629c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: CSM7qjm5tr1tplGgJgxA9LlFMJy2.Rrt
x-cache: Miss from cloudfront
x-hubspot-correlation-id: c0ba61b1-7ff8-407c-b677-7c40d7b45a89
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 166
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fGEz8nLtg8tREw2Lxtf8BOTyXroKQ6zNbgAzooBuPF0wTWQqT6LstY73wyPPHB7rOai7KMSh0gQ=
x-evy-trace-route-configuration: listener_https/all
x-request-id: c0ba61b1-7ff8-407c-b677-7c40d7b45a89
last-modified: Tue, 11 Apr 2023 01:45:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Va3bKKrbQSHMoa1YLPdEAKwpSCFR1irI14NQ%2FhjUrumS0e3jUCH6RToOBXgNpNWF1Q6dywfnamN5IvO7ypLj6U1vVaBV4E6kUzrNIrFjpB7Dd3pTDGiqF9LGXf%2FzZ4Wnj5DUOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8a1fe2192a625268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: TH6HrsanyjF4Y9lZPSREjp88nwLOdC0io4YyMzH3742Sm7abazCaYg==

GET
H3 200 module_109590708858_Header_-_Global.min.css
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/109590708858/1718666705155/ 19 KB
5 KB 106ms
97ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/109590708858/1718666705155/module_109590708858_Header_-_Global.min.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec3c84e8019f979befe03094b124908c617d66036668dade9e8edf77b239924

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 2603
x-amz-request-id: FDBNXZ6E52JE4CRR
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"6e88b79d3c88ae7b7cdc87de63b2df5d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718666705155
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
via: 1.1 ed8e6c4476f2632eef2c7ce856161af0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: EmcCbP35dT6z.TbaRVMftxuobV7Ho9gP
x-cache: RefreshHit from cloudfront
x-hubspot-correlation-id: a01825c4-527a-487a-8c2f-b6a1ee52a950
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 147
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PtIb3Redxg6JGp6LH0ZQJvSr8Apxx2rcl0rolibJt4lNeZ+rBRh3yUSV/1SvU1xQ626cxJgvkkasM7uG+qFmivPkVwIyOY4KFV1UPyeVgbc=
x-evy-trace-route-configuration: listener_https/all
x-request-id: a01825c4-527a-487a-8c2f-b6a1ee52a950
last-modified: Mon, 17 Jun 2024 23:25:06 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWr8PuralN1HYZ%2BaPftdTNP1zTFM%2FEhD%2FIyI3sEGVQ4UTYamBb7B%2B8DLbHUYiWot8qbyOVEJ9BTz%2FMAqw5MB1NekhOmKg0ApL8%2FfOJHxq6bqkXqQ6I3HUwMOFGkFfvtOEiVSRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8a1fe2192a655268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: 2rnQmmp_hFWsO4mU_8ztK_11VzEumF19KuSSowvqiJattcBZnJd5dQ==

GET
H3 200 project.css
blog.morphisec.com/hs/hsstatic/BlogSocialSharingSupport/static-1.258/bundles/ 720 B
1 KB 182ms
174ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/hsstatic/BlogSocialSharingSupport/static-1.258/bundles/project.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
content-encoding: br
via: 1.1 9827944595fed79ba2fcda289cb8c8c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9814829
x-amz-cf-pop: FCO50-P4
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Miss from cloudfront
x-amz-version-id: 8ccI4weZqJTdCHtwNm3UqetXb_uUGb6Y
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 20:21:22 GMT
server: cloudflare
etag: W/"a81c70764750950eb72d4537c41e781f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8XpqGrvs9B8VONuUmlpvEgU3bg%2Bg4rh6VWqiJNk9FUa9KDDSXwsUtbvXp3qqupwSBtXtC3zBNnR%2FEgZtf3dU3OYf6Y%2Bz5h1IbZwXDfBGfWAlETsx1yeLmzYmjpRxkuGz7vXKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8a1fe2192a685268-MXP
x-amz-cf-id: 7FxAI7qo3DRuSKMYhpnJ0x6BY0EKZdsXTHmNsMYtu3SzbvNeULqszg==
expires: Sat, 12 Jul 2025 09:07:28 GMT

GET
H3 200 module_148583664153_Blog_Quiz.min.css
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/148583664153/1703224192160/ 1 KB
2 KB 98ms
91ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/148583664153/1703224192160/module_148583664153_Blog_Quiz.min.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0a2edf9cc6b61a6576a95fe791ac7b4470577d68e0cc738a2f90d2d6416589

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 2603
x-amz-request-id: WS9Z24REX5F9TT58
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"5292316ee34f942adabf9639035cb5f1"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1703224192160
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
via: 1.1 b5e757a7da6f6fe6261f56a8a9646880.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: YbKx_knHjcoCWj.kdAsSCG6ojGVZltfV
x-cache: Miss from cloudfront
x-hubspot-correlation-id: e97b6a12-21b0-417a-8103-4c17964614e8
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 214
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0jH7YwRrHTK1YBpCv7zJMknAhXVnGjCWow6/1113mTTbYVeoUY3KxPF+r/+61HhZi2/RalWHniM=
x-evy-trace-route-configuration: listener_https/all
x-request-id: e97b6a12-21b0-417a-8103-4c17964614e8
last-modified: Fri, 22 Dec 2023 05:49:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EhXDawOrkhayG%2BLG4aUSm2w57Ve0i9S1Dz6cew0zXgQfrpgvOASIWzULSJdIq11OjiptYMunlHWSuqFXZ40xA26UgFulMHiUKIqx4oyKAL1y68tKFH4oA7outOFD7sgeId4BiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8a1fe2192a6a5268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: uRvA7RRSMaqVKk-8HPE_l4koR7N-8hQ-exHhErvJQhrgbYtOPIUEPQ==

GET
H3 200 module_-2712622_Site_Search_Input.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1720647965466/ 612 B
1 KB 90ms
61ms Stylesheet
text/css 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1720647965466/module_-2712622_Site_Search_Input.min.css
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 401925a1114f7003121630392768d35516be54a4028f01024528aeae99a45a56

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
age: 127157
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"c708989561e0cdbfcf996d1b7f47482c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1720647965466
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 37c3504d-bb58-4e6b-aef0-2bbdeefc8d4e
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 187
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 37c3504d-bb58-4e6b-aef0-2bbdeefc8d4e
last-modified: Wed, 10 Jul 2024 21:46:06 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJcib%2Fg41GV%2F9b1Jpa1qUvQI6%2FawBfLtYiaO0sDoqRGvw4wpHc0imiyi3JH6KRL%2BUiWeRacvR7%2B4Wi5BlC8sSmE4QXC1%2FIOwIKg8vrPPldtDs9xHBESu1gWZ%2B2No3UWeiM4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-7bc58b7fb6-9fg76
cf-ray: 8a1fe2194b735250-MXP

GET
H3 200 rss_post_listing.css
blog.morphisec.com/hs/hsstatic/AsyncSupport/static-1.122/sass/ 910 B
1020 B 179ms
174ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/hsstatic/AsyncSupport/static-1.122/sass/rss_post_listing.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
content-encoding: br
via: 1.1 a659f7836f37684fda1f390ef3140e5a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11182048
x-amz-cf-pop: MXP63-P2
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: YluxiXaQWSQWC28IUPv3NXYXDi68ylxl
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:10 GMT
server: cloudflare
etag: W/"e1b521ec14a912d6d385c21388ec7d79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WhzbxDLYnQfe8BrBDOE9lEaJ7Lf35Byby1oxqSLVPZiDtITts9KpNz9SQV%2BCfxE3xVCr4kHUqNVquEVQE5rp9JoOT6KmMf8B%2B%2BX85sAb30iXwm2RxJW8Ft4aj5ipk1XsdInhVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8a1fe2192a6c5268-MXP
x-amz-cf-id: aHQxa0g1D17GeAwsN1G4NHmk_7qgRgVjPIzrsfnCgbNnoYqkWbdXcQ==
expires: Sat, 12 Jul 2025 09:07:28 GMT

GET
H3 200 module_111929326924_Footer_Global_2023.min.css
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/111929326924/1718631910284/ 4 KB
2 KB 123ms
118ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/111929326924/1718631910284/module_111929326924_Footer_Global_2023.min.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1113b143de12d58d3771cbddb3a4e7c76580a89ea241479cc9bd5288fd2fd0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 2603
x-amz-request-id: T3FFN00B3FS9HZSR
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"a5ec360241c57fd3faa2fbc7878eba90"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718631910284
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
via: 1.1 3fad6888361bd8bcd9c5b458635f78d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-amz-version-id: jCxWLjuzpDes5PguwdA4b48KQVfcw1n0
x-cache: Miss from cloudfront
x-hubspot-correlation-id: c592cd72-f005-4484-afcb-dc369fde5df8
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 173
alt-svc: h3=":443"; ma=86400
x-amz-id-2: X9M1o/WJXO50ZdZKsLbeHWsce3FKiK6wRxZQvkBWQRDypgo19JdAUTjXc7bIIRcTWSa/t+AdjN0=
x-evy-trace-route-configuration: listener_https/all
x-request-id: c592cd72-f005-4484-afcb-dc369fde5df8
last-modified: Mon, 17 Jun 2024 13:45:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyE5mZAjjjVXspSlSYxnm1edA70sdDUo%2FKIHLozWYJBQ8ggeKFkSn26oFjzSariOgvc6QPi08eoQEezgaCARsZHcNk0YDLgABVfEBknBpgglZo3vcBu1ga968MM28ZjdzbDNhA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8a1fe2192a6f5268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: daHEwwA39yeWNbldHi5V5XBw0C8JPznXUkroxbdMYmtVlMmeTr1BMA==

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 68ms
41ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 135677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BySQnp3shVFdSMMVC6fwGvDo%2F%2FrBYcLSA7v3aLNo41590SXFRW6Rc6JU1X5%2FWgfnu1%2Bkc6tQyXx0D16EroENEB9kcp2sQ2H1j0zVPhlV9pt2q8JqCdlnP8EIuPPzAfONt3eCBu4%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a1fe2194d680e1b-MXP
expires: Wed, 02 Jul 2025 09:07:28 GMT

GET
H3 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/ 11 KB
4 KB 58ms
31ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1517235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3592
last-modified: Thu, 25 Jun 2020 01:22:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ef3fc71-2b0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWmXO7OC8spNwmS%2BoUUpim72wzcjCN%2FN15ngfSs%2F1KKoog8IqHL75uiJPa5bArGxN%2Fp6Of4N4NyOUW3uMvp9byVAG88Mxx7R66CbF7Wu642oOv8eeiUNXQYwiOrJXXsKMLx4rOc%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a1fe2194d6c0e1b-MXP
expires: Wed, 02 Jul 2025 09:07:28 GMT

GET
H2 200 consent.js Show response
consent.cookiefirst.com/sites/morphisec.com-e09f147d-1c6f-4132-9a2b-2a82974b5289/ 3 KB
2 KB 133ms
39ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/morphisec.com-e09f147d-1c6f-4132-9a2b-2a82974b5289/consent.js
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: aa15f8f68b6a4531f528660eb6b161331e4126ce16f9cce6afd8a0dfd451cd6a

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-680
cdn-cachedat: 07/12/2024 02:21:18
cdn-pullzone: 236985
visitor-location: IT
last-modified: Fri, 12 Jul 2024 00:45:42 GMT
server: Cookie First CDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"66907cb6-af5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=30
cdn-requestid: 95206213f702c00c2dd5231fcee99540
cdn-requestcountrycode: IT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 custom.min.js Show response
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/91587260036/1680774296271/2020_-_UIS_-_Template_Folders/Vendor_JS/ 723 B
2 KB 89ms
85ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/91587260036/1680774296271/2020_-_UIS_-_Template_Folders/Vendor_JS/custom.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00e54d87cce777c78c59c446e01bc3bcaabca266daa6463181dd527c98738e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2603
x-amz-request-id: 698VKKQMH7KR53S8
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"aa1f7340688642df1a14a1ed11c7650d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1680774296492
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: E6pXkgaUwSKGBww5g6OhIUrjEzq.3zLC
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 145e1e95-6686-4af3-beba-c4a736a45451
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 158
alt-svc: h3=":443"; ma=86400
x-amz-id-2: QqPYDofCkJ5DgYqX0tyKBH/xgb2A0vq0aZ5+6WQnOlqYlafSNx4kG/CBsa7Dg82XOlmJ7kVLuow=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 145e1e95-6686-4af3-beba-c4a736a45451
last-modified: Thu, 06 Apr 2023 09:44:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrtGlqAN8hOYcHPhKcsDDScI1BKpOn1hMvDlsiIjpqCAOWlqd0I%2BYsHVLrhpUe0m2yUYpQiVM4H6HESX9zUiGExdp4J5wEGIv6OpGt9Cds3JzlRVNTayeld8U3rdxuHlUgqanw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8a1fe2192a715268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: yd6VZ2so3rXUZk8LMCQ_p0HneavL37Z8e6p6ALzFwW3VWDncDy4brg==

GET
H3 200 font-awesome.min.css
blog.morphisec.com/hubfs/dynamic_esg/css/ 20 KB
6 KB 118ms
115ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hubfs/dynamic_esg/css/font-awesome.min.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2d09c4a39acf0339c9697b5837fec5bb2bfb9f92677ac2133640b900f91925c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 86e0eb6c8f3eea90e0cc2d99e58af96e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-5753530423,FD-5753372182,P6R6f,FLS
content-security-policy: upgrade-insecure-requests
age: 417170
x-amz-cf-pop: MXP64-C2
x-amz-request-id: 9YC78B5XZEPTQB6X
content-encoding: br
edge-cache-tag: F-5753530423,FD-5753372182,P6R6f,FLS
cache-tag: F-5753530423,FD-5753372182,P6R6f,FLS
x-amz-version-id: t80ZTUuyC2UKWRLSZGKnunSDBqf49hOf
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 57t3YghZWuV7e/taRCEULRD4gmkwDRSxcD8kXvez3boZSriY+LlVeWL5Uds3tCMfneWXO8R7abg=
last-modified: Wed, 02 May 2018 21:34:26 GMT
server: cloudflare
etag: W/"aede50e4be8da8450a046f9d293e57a5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oHuBirxUuv2yf%2FNv2nBWzYnTYI7JKmCOPHm%2FWhZf%2FqcAdlTNEinFdTEeVXIHWGJFHryok%2FFf0H4BB1sxsp0%2BactPZ7bJiduiF33bx4eFzMEvfCtOEA5OJG%2FYAIXAdTHvUMkACQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8a1fe2192a735268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: AGig7H6ZTITo2Pqjbkxz1ftTGfR1O9w9tMGh5cieasmclKQJXjgRcQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 78ms
19ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C7A) /

Resource Hash

5b4134fc9963276fb840bb8178d62e95d0efa733909f6eeef3f364d4d60f0777

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 1214
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163630
x-li-uuid: AAYdCO0KoIJBL89X8gxkIA==
last-modified: Fri, 12 Jul 2024 08:47:14 GMT
server: ECAcc (mil/6C7A)
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Fri, 12 Jul 2024 09:47:14 GMT

GET
H3 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1720647898251/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 92ms
67ms Stylesheet
text/css 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1720647898251/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356bb4bf2245a68ee5de5732b5574260dd2016a2c3987e17ad97fb2586a883d1

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 127266
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"fda5882b24ca5a84d04d090722dc713b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1720647898889
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 573cb85e-c755-4925-9d9b-31458be44e6c
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 231
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 573cb85e-c755-4925-9d9b-31458be44e6c
last-modified: Wed, 10 Jul 2024 21:44:59 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8MSicHfAZg1Lh%2BJWM4aIhJi0JxT8MRN7c5dBRr10IdPw%2FVM63QAYrqbQwkHxSCi6tONcarkt3nhSvUSS1sQfNS7G83AvpVSPK78de1yDiV%2BehejwkkUrOvxd60ZJ%2FLCOT0%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-7bc58b7fb6-9fg76
cf-ray: 8a1fe2194b705250-MXP
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 old-style.min.css
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110809165900/1719863796001/2023/CSS/ 119 KB
31 KB 176ms
174ms Stylesheet
text/css 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110809165900/1719863796001/2023/CSS/old-style.min.css

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8efd720233d2e85f1df1c0836f3c9b7113b0a18c8c4ef434cc9f1d56bf0f134a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 2603
x-amz-request-id: 1ZJWKYB0VKRH0WX1
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"a320552ff25922922b3d28a328704d1e"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1719863797469
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:28 GMT
via: 1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: ml3oOzLWv41EPxpn48OVKxoth0B3Fv2G
x-cache: RefreshHit from cloudfront
x-hubspot-correlation-id: 31ea8763-a511-4240-b6fa-b3f485ee6579
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 148
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2phD4nVgcSjfILF5tVrBR6KOMdnVVTv9+b9/0qIS8Um5abzCmDHUpUcNr6metNwvqsd4PgeW4ds=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 31ea8763-a511-4240-b6fa-b3f485ee6579
last-modified: Mon, 01 Jul 2024 19:56:38 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3g3bR%2Fk8C8HGqhiRFZ%2B7ZlzPBQ%2BqQz1c8JUqNVuPaIJ7Mi90TYoGxYOK6Mk%2Bi92kgRMGINUEPFRIiLpvMqyBfewQNGJtlf1XjTC0P8wSWn5qOShXEIpYGclLkY%2FR9MZX5%2FEeZA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54bddf99d6-fq9rh
access-control-allow-credentials: false
cf-ray: 8a1fe2192a755268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: TgOGfdWTB6pxzbkOUAP98mO-jETbJbIitpNzJ0lweTx_mwr9yXWRiQ==

GET
H2 200 c9a3865e-2993-4f6e-b357-de969e5176a5.png
no-cache.hubspot.com/cta/default/1534169/ 2 KB
3 KB 416ms
365ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/1534169/c9a3865e-2993-4f6e-b357-de969e5176a5.png

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134e6c14db8e795110e5ec270e421c05bfb6b9499353d50003006ca05e7fe928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: _1L_9FsNCRNT38daSyHxEOv0ukn97SMw
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: HV4RQMQ97XZRA5K4
x-amz-server-side-encryption: AES256
content-length: 1861
x-amz-id-2: sZ4YLlqtfuhhGwswdh7x4MfNNiIWbZjwpJ6fZNeSE57Uu48+SU7S54/NapHlWeY8waWq+sfw6ld5nA9vChA1P04mczXAz80WqGQAdHMH+vo=
last-modified: Wed, 10 Jul 2024 13:43:37 GMT
server: cloudflare
etag: "76c0d044c039521340a9a2643ca355e9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxqL1hltTXOKcgEO6Z%2FeQPJwJCiJ4Q2snAlH5xqnZx4x2UZoDOzKilJHlUIPditPpaGpeCHxp29a7gUUXAqJR%2BQ%2BCsOjPVpWP8HfeYjrGn7x87hbmNNNBJ%2BNlmPLD5Lst%2B15CtHmYs%2BgkWBj%2BzgRru1k"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21979074c66-MXP

GET
H3 200 current.js Show response
blog.morphisec.com/hs/cta/cta/ 18 KB
8 KB 93ms
91ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/cta/cta/current.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa32165d364971ca407e3dd1d73d242172964887701ba8841516296449fbe4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 564
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.300/bundles/current.js&cfRay=8a1fd45152b4523d-MXP
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"d9f09e7a9c4f0105f0230221736bceee"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: cta-embed-js/static-1.300/bundles/current.js
date: Fri, 12 Jul 2024 09:07:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: ePda8wyvGIAj3gXjHNFWv3B1EYGAKSgo
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 9bf54492-0405-47da-b164-3353b3da50c6
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9bf54492-0405-47da-b164-3353b3da50c6
last-modified: Wed, 10 Jul 2024 12:07:41 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zyaue0Cdr0Cuz%2F7GSsHzMgeyfH5ucJr%2BNF0LjnQUZuaz25EwHw1hQpdG3vdqwinPPza9y%2B7MxoyEhSmaQw6SF60WznDsjLZDDcITPVELQK5dDwRTKtJQyWlb8YoessaE%2Ba1w%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-5s6qd
cf-ray: 8a1fe2192a785268-MXP
x-amz-cf-id: xnyIa0heGf5KRSsV8pKWBZ-KQdbz3-Uc4ORmMUW_baizIV__BV2ymA==

GET
H3 200 Morphisec-Logo.svg
blog.morphisec.com/hubfs/ 5 KB
3 KB 110ms
106ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hubfs/Morphisec-Logo.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7336afe3d92703a1b35e780301c688426c74d5a8c3d9cd1794d3370d763e58d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-163965048881,P-1534169,FLS-ALL
age: 219656
x-amz-request-id: 5QTW9D3X3W81BNSC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-163965048881,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
etag: W/"765cc8beac4cc28676c6e847214549f8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1712695150225
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ed45efeb163f9ffaca42564e88ebc17e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CLh4I1f8H1fjYE.XdVDUvmpXn1gHCWyp
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-163965048881,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZSLirgDDWmOBDd3mFJEXT+XguUrGxgAjfXKHmPZhPOt8wFQtB+mEv8E02XNrHGjA7TlFMuBNBWTPV8KUSEasYlFC8z7YeQDT8f+CBToDQng=
last-modified: Tue, 09 Apr 2024 20:39:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QbP8HSvnyT%2FjeoTVyOtTgaZA3x0uVFvkY69F52dgcOJcI1e9s5OdPXulqE5oDfY5YOe6bey0ip4gJCT4ZM0SJAm9J3BIeViU3zmduth%2FLz01Uw3bMoG6IhGNjKA5ZXU0Xha2hw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21a7ca25268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: IBSZxYACJGmqh82Ngca23lmAsKpKB1_JseyY7yVrEpsELPTAJlAG5g==

GET
H2 200 3c83d6d5-0c56-47b7-8aee-ae6edf73c360.png
no-cache.hubspot.com/cta/default/1534169/ 2 KB
3 KB 160ms
159ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/1534169/3c83d6d5-0c56-47b7-8aee-ae6edf73c360.png

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d0faa1510d3999ee6ce630052e0f8c562acc8b69380ceb4e7f812aaa4c5303f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: ulKQMNoMzME6ZWTBPDeq_A_qJjzsu_Xz
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: TC0PX3DWA6S98RBK
x-amz-server-side-encryption: AES256
content-length: 1631
x-amz-id-2: H+NM+cQlmmxfeYT0opeFSjjzYZn98y24beqiO5u59Xlr4qNmms1kVxCehZTK2/wF1ztB1jHfqSRIit9SLP5MZf5NqMd7vW8k7LiBdZHJECk=
last-modified: Wed, 05 Apr 2023 16:30:06 GMT
server: cloudflare
etag: "3d5f63abc7db36507720723f2c0d0e15"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCaHOaoLIIS%2FuIPdDRzvfloAmPq7TSlXBRcYQsFP3S5aaRSyxddpsXxFn8bi%2Bq%2FMYWuFMuHi0VkKr55i5dd0FbWiohGjr8QnU6H1dsBR0AJRSFgNPm%2FDJ8O5iFKnDu%2BxT%2B1wSxlzNS5XxXxwLz40KjWA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe219b9694c66-MXP

GET
H2 200 d4f17ebf-d8a2-49c3-9bca-a8f8112b45f3.png
no-cache.hubspot.com/cta/default/1534169/ 1 KB
2 KB 162ms
155ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/1534169/d4f17ebf-d8a2-49c3-9bca-a8f8112b45f3.png

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be96a16025bfbe78bed5a7475f5877696f919dcf9b37939866f8c2d47af7976c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: null
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: HV4X16CGAK372VT8
x-amz-server-side-encryption: AES256
content-length: 1384
x-amz-id-2: t2hsYDC++bXzi2KXTuLVttj1Xb4aTSCzcV+aVvg08UCSic05U3Z+Z4dTL5HATyeUyv9auQuNp0GAXVxF2H709hSyF3NUSayz24K/Jmf9aCY=
last-modified: Fri, 18 Nov 2022 14:30:06 GMT
server: cloudflare
etag: "eacaba2cc1bbf4de2a43469ab485d45e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u9InIsVprwgZDSbyFQsBWdGmPI6VK0B2Visfnalwpn5j2qwR0SBKhho8jUq2OknkiG9hSUj%2F%2F1o9ff6zWinOfW%2FKLJ39yfCRnuJIYd3mgBCGXoI4Q6%2Fwr6eihEi92wSdCboFi541vb6G7f0Yo92Hkqri"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21a7a764c66-MXP

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ 482 KB
156 KB 67ms
41ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 149
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5387/bundles/project-v2.js&cfRay=8a1fde7c2caa5246-MXP
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"56164b8f5dbcf6e65e555e48d5d6176a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5387/bundles/project-v2.js
date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: mnlqbpb.vUvH_hPLxl7NeOxIrfIBia92
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: b5eecb3b-d0b4-407a-a4f6-90cac537c3c7
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b5eecb3b-d0b4-407a-a4f6-90cac537c3c7
last-modified: Thu, 06 Jun 2024 13:36:59 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SjtbGacVqUUHNpX%2BncGwtrAX5lsVA75sN83oGo7RN%2F0MuDLtFoGp8JLt6cy9%2F2dDc3cmeQqx3kmdc0m7HlTOUTToITzZ%2FJSLGUwbRehmZcSa3%2BXTVztSMe%2FvyKj1YIrV"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-kt4hg
cf-ray: 8a1fe21a98030e66-MXP
x-amz-cf-id: OGJG0FjCdkngWf5WwKKmpB6AHo_8h2vpEs6Y0uyNmn6nClH5AgSVqA==

GET
H2 200 c0c8d819-c7bc-43c9-a80b-7db9c88cd5ab.png
no-cache.hubspot.com/cta/default/1534169/ 42 KB
43 KB 387ms
382ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/1534169/c0c8d819-c7bc-43c9-a80b-7db9c88cd5ab.png

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60bd6bad64c21fc8b1d3f6bf3fa261780974e6b0489a67a1d02db33fb4c9b7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: mQywM4EnlQtO1rXgIPZZ_ORcxGxdaqep
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: HV4T38TJW8RZAYS5
x-amz-server-side-encryption: AES256
content-length: 42909
x-amz-id-2: 5lIQGFdaUId6eszm25GZoEhM1IDQ+nlPLgaKY8SKv6CGmK4DVpunORfvWcMMQLgK+46xJ9zaokdurIVKzkfHKWq0T2ITjJeGH60gk0sIqzs=
last-modified: Fri, 05 Jan 2024 21:55:07 GMT
server: cloudflare
etag: "52f2133547882c1af4bd99b776191ea7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0TZRFYz12DdHMXdv5Qtu9KMyjF7xQN6%2FGruekWz9j9B60rCAJcSxbiCtEPKEZaGr5qgRECobKdWd3B%2FAd%2Bu9%2FQJjAeGnMVnLBTcjizMuJPqCPjmJkJsrm6X4rIn3LlRzcyhTMJ2zY2M8bOrwwYiYs12w"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21a7a7c4c66-MXP

GET
H2 200 e098d357-1710-4cfe-8901-19c93de122f4.png
no-cache.hubspot.com/cta/default/1534169/ 95 KB
96 KB 181ms
177ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/1534169/e098d357-1710-4cfe-8901-19c93de122f4.png

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b1ceffda14543118fcc1d2d886fa5049d579ef1d139a7e94efbe9368fa9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: a5wEPE_vNxVsuUiF6y0jYUWP_0fr7ZRz
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: HV4KYY63PPQDNPEC
x-amz-server-side-encryption: AES256
content-length: 97240
x-amz-id-2: x9ON+b/7xToHMzp9HS1o/UJ8+Fsy7qqSLQniNckU5Yjxmy8oiBeB8zo77KVm0x5TI0y5s6bze/bjxXkYvoUz0R4xg5n8bYy+dyKAOJNc/Wo=
last-modified: Fri, 28 Jun 2024 20:36:24 GMT
server: cloudflare
etag: "a015821c789fe4047a66a1cb79283ff8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWsySNM5CSRRT3fAD83XKl2NkVMq2czQP8KTTGKXqAp1eihuJG7biY5yYq20%2B3J8rfgxJllWuG0ZJtooMkOCRo8PCReJvh%2ByleXykUN3wqgDlsBgTO%2FIkzNoXYC6sjU1l5knyFEKoUp2vn%2B4Z8z2DfL6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21a7a804c66-MXP

GET
H3 200 x_twitter_icon.svg
blog.morphisec.com/hubfs/ 460 B
2 KB 121ms
118ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hubfs/x_twitter_icon.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d760682f66979c85193208c7d10daddd5d3e74c6c148bef442a203d330cb22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-141944464032,P-1534169,FLS-ALL
age: 219656
x-amz-request-id: XDQTCF86ZGT8S86D
x-amz-server-side-encryption: AES256
edge-cache-tag: F-141944464032,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"c7279b34bfee002c148f828d14255c4f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1698243363640
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ea6b6651a564f3c1a19b54389d1f51e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 8OVftkuv4j6Khff8Nb5oAG2Y32IjKCXk
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-141944464032,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: J605ZHNCNLv59r/7Y4fIJS7qeDZRR4OXnvlQvA9f2Ph9FqEd/eMoeBNuWImBpPHL8tNw1SAxYru01vxg9nPetVp8UKhrzxr9
last-modified: Wed, 25 Oct 2023 14:16:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOiLJGCv8cY2o4E6uIveS8gT53XW2ICr6WFWZa3Q7omzBtMAg6vMPVT%2F8FLbvfg5z786LjQjhMe3DMJ5i8OHty53SKPldTK3LXXz7IJviArGLRXRKGW%2BE3kxJ1z8hF0oYKuiCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21a7ca35268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 8kZR4Io38Ap41BuQCOFs5BQJckPg-f5NvcD9p32XnmvAaSIsP9lJ_g==

GET
H3 200 linkedin_icon.svg
blog.morphisec.com/hubfs/ 628 B
2 KB 112ms
109ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hubfs/linkedin_icon.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9492eab132c2db0eaef81fea1bb719d8e3f5a11a32f7ebeeea5af202cd4e5c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-141945428832,P-1534169,FLS-ALL
age: 185031
x-amz-request-id: G9RR4EYD5HJBFYAJ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-141945428832,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"3ef5ac1f024120437e19fcc4abf556d8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1698243363623
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d8832c768c2be4d7c6d530c47c782e0c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Bq5Mo6REJV_bnwvIwff4zb93JWXV7_WO
x-amz-cf-pop: FCO50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-141945428832,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 50pJVwavi1bUWw2cJk6x9Eg3FSZ1tet5vQOjqy6oTkJd2EXksOhfHJPmPQmUUKreGB/ZI7vtfwg=
last-modified: Wed, 25 Oct 2023 14:16:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZuR3EhZX1xemwFjwY3MWuk%2BRPvXF5W1DREJdZvzgmZm3DuIqOoErEPnDEvTFsX5TmDhtKUn6NnOhMwY2EMmG%2FyxA1vlGpk8T%2FNXfSVIDVuLFngw2DV7xCXZU4vFnol6QlWZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21a7ca45268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 78FT2QAUmCcFHFIOJb_ALPmlu0_hgXdZvLndpe3JKh4DmSodd0d7qg==

GET
H3 200 youtube_icon.svg
blog.morphisec.com/hubfs/ 642 B
2 KB 90ms
87ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hubfs/youtube_icon.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

76dd9ffb1b604b0ad3f128d2fe014cc22f934ed40ae792ef9b4600a17866aeb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-141945248869,P-1534169,FLS-ALL
age: 219656
x-amz-request-id: G9RNH9Q32F5V39RP
x-amz-server-side-encryption: AES256
edge-cache-tag: F-141945248869,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"ced4da2370fbc2016321a375dbbed68b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1698243363649
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 13234883000891123bda3fd8d846da9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: sJlFqbLZ7aHbNE_.KGb6N9TqRjJsKyuv
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-141945248869,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kVLWsLwi6TBMGcF5Uvj6VPRvxdQTnt5GF8Y7VCebiJAcA7imx4YHpVqH4L6ZZB0zZvODfIbfHKhIPMOSwdwDJ7RH7LwnrIbCP9jS9wQzsgs=
last-modified: Wed, 25 Oct 2023 14:16:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TJoXYBgyZWToozfCYhI8M23ZioSMoL%2BI%2F7zfR1IU9bcEn8bZHHpneDsPUPybXSmrZyrd9tcTaPHxNZDRtphfaGnEuCJpsCncAX%2FxWRxDokg76XFgLO2hsvJbwE2sK8sk0EWVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21a7ca65268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ooGP_9w3CVaUgbPqw9TPCIu_4_p7WqNbizHigrGlz_C0Rt-90iVdqA==

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.971/ 13 KB
5 KB 89ms
41ms Script
application/javascript 2606:4700::6811:af5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.971/embed.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:af5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: 1gm1MaaLzWiIBc2FerIVtLdckhSMSaY7
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 1457b830deed1c2472ac9d931556584a.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MXP63-P3
age: 747406
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jun 2024 15:05:39 GMT
server: cloudflare
etag: W/"26c40482b55a607cd44486a2958741d4"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KA4oUIVxMTFernXWndNNZsMsYsA4w5tvh2Osh2A3WeqOHpxTVFDd3ZEmuH7dXsCWrhrq0r2DcdbCTrEMwytsGUM41RMCDwZ99tpvmUMbFZ9YG%2FES2nTbkQVxYejI7chOEHXMr6JSkD%2BIT%2BZwYGUbqg%2Bc3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a1fe21abc430e41-MXP
x-amz-cf-id: O-mQFma6eGdgUw3cS13hgzUsykr6oN1m0jh-7oHO8XnFmaQp6HKMXQ==
expires: Sat, 12 Jul 2025 09:07:29 GMT

GET
H3 200 svgConvert.min.js Show response
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109629951254/1680697800041/2023/js/ 668 B
2 KB 103ms
99ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109629951254/1680697800041/2023/js/svgConvert.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

46c7b6ee01c236fd8d98d0b7c8f00fba85340c3432932e624d44f7663aef8513

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2604
x-amz-request-id: 698XNMSNT54TC3V1
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"1cb72e618cce9cc73c57265e9b726362"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1680697800276
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: SZXdPmhYHKeWP0u0ggYIHYhJ0L5KYvd5
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 01267464-31d4-43a6-a861-46b187dc5427
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 150
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IAdAsb4P0gUlHIB8qDJ6vO9vidHdokx+OYvyCZk8IFSXmPvWOu+TRQRBS9FPOss1CsunM+ZFR2mXpP5eKsqOzoMu3Wk9xAXQ
x-evy-trace-route-configuration: listener_https/all
x-request-id: 01267464-31d4-43a6-a861-46b187dc5427
last-modified: Wed, 05 Apr 2023 12:30:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5UDUxYNotdhFuqN4KG%2BfeBdQyAyMIQrH40VDvNgRp1yd3mafYRh9j1dTy3%2BjfeeECA135JrKj56peXd0TT2aKQU%2BEPNan3%2BgerTgmjH5pURPPyFr1kSdrLtvbDxlI%2FLXg85dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8a1fe21a7c955268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: VhWS-ezXd8eEm7gMkUI885gqB3tN6cHoMIvkE8x2GBzhClX8iEGiZA==

GET
H3 200 lottie-player.min.js Show response
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110333050473/1681491230914/2023/js/ 359 KB
95 KB 109ms
104ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110333050473/1681491230914/2023/js/lottie-player.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

40943198e5e26cbcf474c1ed0846442abc4398198117de5251a8840fb421cd13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2604
x-amz-request-id: XG4SGBR4WCYYPB6R
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"9540cac57a5805fdde520bb1869134b2"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1681491232806
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CTo5DkzSjS7Z2UMEH7W3RDGvw45iU9vL
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 3bea0894-ec1f-4332-bd74-a1f475969202
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 153
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oEtMFbclfHGidzjQpEZEWcUFX0jeTliOsGcowMDN2ZJFSVExxLOsjbmj6KaW8tWjkosIgBKK7Mw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3bea0894-ec1f-4332-bd74-a1f475969202
last-modified: Fri, 14 Apr 2023 16:53:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BM9qUrcWjY0cmImPxxLMri3qd%2B%2FWDBVKeXRiwB3Tl7SpK%2BfMkukVTUr7Yt2woPSiv6Ex6NRRK6RuGyHxGDSRLg3SB6c4sDILBB6RF6DZB3c1mcukGpB8J1%2FSVVFw2ybT28Mklg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8a1fe21a7c9c5268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: RfDEYOmqcEy2hJzRswpT6dlxiuiFv8gV3bx03VjaHfINplG1NfV3EA==

GET
H3 200 slick.min.js Show response
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110410292559/1681177460359/2023/js/ 42 KB
12 KB 137ms
133ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110410292559/1681177460359/2023/js/slick.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b011f48059b6591b0d266a9abdf45d9263e702059d29a207e770ddb87b49c72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2056
x-amz-request-id: D1Z76D2B4MXFQQR8
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"f6085c5be1a35b91955cf9abd5b2b0ea"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1681177460907
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 c6b0d1d85b2590c57ac754bf9e61944e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: uoS3eYGmK1dPCzG_bq7yGgNyq7YIozdd
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 449ed9a6-9e22-4b1d-bce9-f7a0bb05180b
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 214
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RHsdXISb9Ka8uTpgm1raBYAXITzgR33tpgUGdJ9D3UlZX9QBPDq6eOt+vTuIx7bhVCKR/4+AJ5I=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 449ed9a6-9e22-4b1d-bce9-f7a0bb05180b
last-modified: Tue, 11 Apr 2023 01:44:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9L8yoZildzAyZm5RULn%2FUyRjpam%2BFEO4bRCKeSuiMeN5LnkE%2BW60ogQYCQwTZ1HKCyi0%2FYMyDjr3RppjXpu1ykufsN7w%2Fab1HpSwDgKKN9btIkdgkEbpMhGdq8mCXOKhizEk%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8a1fe21a7c9f5268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: SFZxPxi131VX8ikwaIlJWqUs-ajIQlwWyFKWOopKKUtyHMhyuqRF1A==

GET
H3 200 module_109590708858_Header_-_Global.min.js Show response
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/109590708858/1718666704342/ 1 KB
2 KB 134ms
130ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/109590708858/1718666704342/module_109590708858_Header_-_Global.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b28f2758dd0c48fa0e8e33ccfee02f1b581b93484aae2af63190df3d4bcc068f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2604
x-amz-request-id: FDBR0KY1X16R5WE3
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"48cafa9929e94f1a90da5d8bff870b98"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718666704342
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 824fe21e467658628899bdd8725649ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Z8bW_Nc0jF3khU_5_zx9kQwF.kZyIvdN
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 3bbf2536-c00f-4eda-8720-702b9ec563ae
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 111
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PrlT5tieoDSP31zHlaSifKdlhgRqb1EeeIrUNEm9cCJc0oFivoyojuk9lROT6WxNzpAEsUaqhZ8=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3bbf2536-c00f-4eda-8720-702b9ec563ae
last-modified: Mon, 17 Jun 2024 23:25:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qAJrS3t6rAt7eax5alhXRYoCQS%2FlMdGgSN09G7wwQpJ6eblm9%2Bfk2xt1jWBNu8oYqFK%2F43Q%2F27wR2keGKESBCkGLGhttO6VkpvjnpXXHKpRqA9Qo2rlzT46qnRwUAGibI%2BYvPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8a1fe21a7ca05268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: b4Mu_o4GrlMjBlDUUV3O2HWpyIsI3GVU9PVkZL1GhlqZLwIj20sKUg==

GET
H3 200 module_-2712622_Site_Search_Input.min.js Show response
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1720647964806/ 4 KB
2 KB 56ms
52ms Script
application/javascript 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1720647964806/module_-2712622_Site_Search_Input.min.js
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863886e2347be57cf71d7ed3fc614593e94bbce61858cd8c0761ba7a78d2ace4

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
age: 127157
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"f9134a973469f840bf03f740af92c65f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1720647964806
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: f3f0504b-2319-40fb-aee2-dc3a3afd37a7
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 163
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: f3f0504b-2319-40fb-aee2-dc3a3afd37a7
last-modified: Wed, 10 Jul 2024 21:46:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0ElUcsEk1WuBc%2F0QWJz9wNvFdU185E%2FjSgg4zq8WcUBBFZk1vGLDuK7ebu1zGNOEirOwedyMRJpIRi7jrYdI0GwwrdJal%2FHyVK5LwyW4k1I9DNVPd%2Fwolk%2FOO8m6GbgG4s%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-7bc58b7fb6-g67cx
cf-ray: 8a1fe21a7d5a5250-MXP

GET
H3 200 lazyload-min.min.js Show response
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/36272650673/1603042259630/2020_-_UIS_-_Template_Folders/Vendor_JS/ 8 KB
4 KB 135ms
133ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/36272650673/1603042259630/2020_-_UIS_-_Template_Folders/Vendor_JS/lazyload-min.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cb079eb01e730c435ef0b80f62f636245fa0f8f0e86c144935e42a8dd12a545

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2604
x-amz-request-id: 60PS19102AHKFCP6
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"67744f609bc5dbc8a0fb9fe0d5005f25"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1603042259630
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 4SGyaLwa93KERwdBmZy9UM4.3aqx9djg
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 9bf7a7d5-5602-45ba-8285-d8c3d4479514
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 175
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cAeQuoUwECAA4f/+kiXZnh5GEPWt7H1rfslH6cel92fTXi5ZTLJ1WwV2c/pNTLW+PkOLEM6B77I=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9bf7a7d5-5602-45ba-8285-d8c3d4479514
last-modified: Sun, 18 Oct 2020 17:31:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGT2TcLhrbAMLj6KT7ieQaXefYTFxvbR10%2BxSZiNsyCDHwlNp2BveLJ5Aubs5z5qph4ZFNTDTNHtr38KQhp%2BuEGA6MFsxkDUC4i0HODzTPiTrFSN3S1aG9We%2BltprMo2ar0OnA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8a1fe21a7ca75268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: KTRZJ3Gc_LRn-iY3ylcKpNwXelQ5fxlEt06gBwhmVs6xbDkPD4-60Q==

GET
H3 200 vide.js Show response
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/6224156614/1569821730014/Morphisec/Coded_Files/ 4 KB
3 KB 125ms
122ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/6224156614/1569821730014/Morphisec/Coded_Files/vide.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

be3950dab42791bb50d60a09c80869ba8c86f7dab74eff23b91a365d0c710831

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2054
x-amz-request-id: P553ZQM2EDM003BS
x-evy-trace-route-service-name: envoyset-translator
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"901e2d8fd2af243d3d8dd68e38fa22da"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: xCDhIWpBzbsqxgnqK8jsUmPM_UWe2ml.
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: 37796c96-5e20-4cf0-88ad-bf5811a7b1dd
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 129
alt-svc: h3=":443"; ma=86400
x-amz-id-2: m9+ocZVcws9zVZDj0asaWb2T2WcBVAAlFwgzs44Z/7I2fAiOy64BXwLTSyeghS5WQ1QgGQzQIX/uWPwNrGrtQdsCi2wmCjHH9qCmcqIO7Ew=
x-request-id: 37796c96-5e20-4cf0-88ad-bf5811a7b1dd
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 30 Sep 2019 05:35:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmrFBHZBg7Zd4VVP%2BiBeQ8CZfrsyHIWsx5nFKF2879bOpIYzE4dv4cGNQEg5aI3U4esjiBLZpmU6NxqlsR9ASk%2BgUD%2FQTMyT3ydRvUUeXz%2Ba68mL459J7HoGvn8bidyJjQwbRA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8a1fe21a7ca95268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: 4ItJp3PfHLfMrhvGpK4oO20n1LEC4fWIBJndtnCWoMnuubn3twUl6w==

GET
H3 200 magnificpopup.js Show response
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/6224925249/1569821730326/Morphisec/Coded_Files/ 20 KB
9 KB 99ms
97ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/6224925249/1569821730326/Morphisec/Coded_Files/magnificpopup.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2604
x-amz-request-id: JZ4R1M0XEN59HA08
x-evy-trace-route-service-name: envoyset-translator
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"ba6cf724c8bb1cf5b084e79ff230626e"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 5c91d033409cd7607633594f94b09064.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: AenlXmDNTXiJmWpCG4hF_X9US4k8ofw.
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: 400f9d7d-f0e8-4a64-9652-58f168564b84
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 168
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0cA0WNlFy3YqnV/Wwyzzevo6F5wNRCbNKerUxaoWEKoMN2yGcOHMM/QaCZWwxlIxC7cl2qMMGv3IaLeeGb6048ASKAg58gtLLcpYn7wT4uw=
x-request-id: 400f9d7d-f0e8-4a64-9652-58f168564b84
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 30 Sep 2019 05:35:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pIaYa6I7DdIWfyTld%2F%2F0Lx0Ub5hIdrzIf20L3RRwdEKf4D0rYxx2ilB6cewVbbM%2BXYuSNyPJW8n%2B57HA4aobIxGRInqtPwAg%2BLPkkOmVp0XqNV%2B3ZLbtoR6W0ZS1aFAuDu4h1A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8a1fe21a7cac5268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: kvL9MeMyffF68A12pT9uh7ugo0WYPyoQY4vzKZuFAg7tZiNBoPBtww==

GET
H3 200 Morphisec_Sept2018_script.min.js Show response
blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/6213834399/1671716921459/Morphisec/Coded_Files/ 166 KB
43 KB 134ms
132ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/6213834399/1671716921459/Morphisec/Coded_Files/Morphisec_Sept2018_script.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c5f683908c190d5f9f618337d8d7c586d735f1ace24afdc81208dbf52a5f45c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2604
x-amz-request-id: 60PKSPWPVERYHG2M
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"f7327c38d9f5aeef245b0ee300152178"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1671716922383
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d1cde188ada6755fe03b8541b71fce4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: YMjvkoc5EhQ12za.7KqifcSwG8LKYS3S
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: eac3cd15-9495-490c-8884-e63eae06baf9
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 213
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aIfsUNet6oYYdTBWBxjfp0v917wGVM46z18sMoFIPcpcUqaJED5bPfxY1FLcibuDBIJU4Dn30KEYrtEUHwK1xeK3aUCJNphc
x-evy-trace-route-configuration: listener_https/all
x-request-id: eac3cd15-9495-490c-8884-e63eae06baf9
last-modified: Thu, 22 Dec 2022 13:48:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wqcPj%2FQZ1iDDRXkUDx2Tt6FGBJKdONYRS5Jaxu5ZQE33GuKEC0oGGX2NubBmh8yF%2BdZaaHHGPJwJX1OrQOFT5WLgy3tsFX3%2FBSR%2FJlHYowa1QkwMnNfkk0eScNkwwbIeu%2FdXAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8a1fe21a7cad5268-MXP
timing-allow-origin: blog.morphisec.com
x-amz-cf-id: O6swmMYsESHWrzb-DCEtaLJH-EuCK5NBELb9qoIEATsuavdHAQfnQg==

GET
H3 200 1534169.js Show response
blog.morphisec.com/hs/scriptloader/ 3 KB
1 KB 85ms
82ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/scriptloader/1534169.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

40b2a62fa46893ec1e11caf8f475d3df6fe70cdfe7e9a4e6315134fe984eefb6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=3053
content-security-policy: upgrade-insecure-requests
x-hubspot-correlation-id: 690c0003-0fc6-4ee8-bd9f-6663b4131d76
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 690c0003-0fc6-4ee8-bd9f-6663b4131d76
last-modified: Fri, 12 Jul 2024 09:07:27 GMT
cf-bgj: minify
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://blog.morphisec.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-jdjql
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GFeG5dHb7w6gvQXr5sgsYRwLI9auWY5jJRn9wCZhhPd91F2%2BkzU7lmzFvKd7KCsc5JGikdlDgyodM7I88WmZdqK0kuY8wVBofUiyMEf6IMIxYavjxdyWgypeDlx%2B%2BPgDcHeM9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21a7caf5268-MXP
expires: Fri, 12 Jul 2024 09:08:59 GMT

GET
H3 200 index.js Show response
blog.morphisec.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/ 12 KB
5 KB 134ms
131ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
via: 1.1 71f808ad45a98980e167f452a2aaf882.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6781448
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: 1rlxLpliQ7bEVIEMqiesE48_Sx9RmqkP
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Mar 2024 15:59:57 GMT
server: cloudflare
etag: W/"5885ac5129ee80f8b7e1e228e142587d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lbyxtH8pSM5S4noHjZStpf%2BoXt4t6QGCkt69YDxit5nkTLbc4hIrugnyVj0mk2gapBqOKPOZUY9ReZiLoLEAqED8LP6pRppSpnGKYgnjstAc72ihKgNkuJ4stOG%2BoJMeEuFFkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a1fe21a7cb05268-MXP
x-amz-cf-id: Q8xnKz9DMsv4gVl7Af7CYezRpDbqpCCj304G5ZhiXhF-CeK-GQGYHQ==
expires: Sat, 12 Jul 2025 09:07:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 310 KB
107 KB 110ms
49ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQBJZ8K

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ed4ee028b62fc35262ac5fe78181d6cf1b05fad812aa3c021ad28c88722cf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 09:07:29 GMT

GET
H2 200 banner.no-autoblock.js Show response
consent.cookiefirst.com/ 98 KB
35 KB 52ms
50ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/sites/morphisec.com-e09f147d-1c6f-4132-9a2b-2a82974b5289/consent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: 20cbf0257211c27b38b47a8bcf3f0aa0e9dc4d96e25f714848282096e2e5a040

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-storageserver: DE-663
cdn-cachedat: 07/11/2024 08:32:38
cdn-pullzone: 236985
visitor-location: IT
last-modified: Thu, 11 Jul 2024 08:32:37 GMT
server: Cookie First CDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"668f98a5-1883e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=1200
cdn-requestid: 74018496e1724cbfa0d32f3e3951b506
cdn-requestcountrycode: IT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hotjar-3506314.js Show response
static.hotjar.com/c/ 9 KB
4 KB 131ms
49ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3506314.js?sv=6

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

dbba51d69f3cfdd66361a4e55d56387c6c9933fe649ae476ef90715afd1786ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 09:07:27 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/0872d7e4273c23b9d56b970ce410276c
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: k3MskOX5I2lJRlhCdlPQp-opRTytHcQGLYUfO9UVcbbgJqT9vwUVIQ==

GET
H2 200 css2
fonts.googleapis.com/ 57 KB
3 KB 139ms
53ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110809165900/1719863796001/2023/CSS/old-style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f322afdaf7184e4ddd7fca589f89cdd7e2e2721dffbf8abed7cb1eca88b0915f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/110809165900/1719863796001/2023/CSS/old-style.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 07:50:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jul 2024 09:07:29 GMT

GET
H2 404 version.json Show response
consent.cookiefirst.com/sites/blog.morphisec.com-e09f147d-1c6f-4132-9a2b-2a82974b5289/ 678 B
1 KB 165ms
79ms Fetch
text/html 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/blog.morphisec.com-e09f147d-1c6f-4132-9a2b-2a82974b5289/version.json?v=1720775249121
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223

Request headers

Accept: application/json
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-679
cdn-cachedat: 07/12/2024 09:07:29
cdn-pullzone: 236985
visitor-location: IT
server: Cookie First CDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 404
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=5
cdn-requestid: 80f44afcdbb52c720ebe5a43cc4d3035
cdn-requestcountrycode: IT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 404
cdn-requestpullsuccess: True

GET
H3 200 Montserrat-Regular.woff2
www.morphisec.com/hubfs/fonts/ 64 KB
66 KB 181ms
146ms Font
application/font-woff2 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.morphisec.com/hubfs/fonts/Montserrat-Regular.woff2

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109621200285/1680693252014/2023/Fonts/fonts.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3437637c88e40ab5f57b1e37129d03ebb7594a6fc8ea56061284c93f8088beb8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/
Origin: https://blog.morphisec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109620535302,FD-109627043208,P-1534169,FLS-ALL
age: 219655
x-amz-request-id: CP7X116E1XT8FZHM
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109620535302,FD-109627043208,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "6b8307d4d485772acfa7afe8265fb942"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680693119101
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 71d15e4317f9ba4644f6c17f42ef94c8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: nSDGlIqPXu9uV3l2fdqqNA5m3fzDIOo2
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109620535302,FD-109627043208,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 65900
x-amz-id-2: urRJcqtWIsIsuTOU4SMAd+rjwNdm774EDlKO36+cpRUo2kvDKuphAHEHU4649Gm2zzBHO4ADkhs=
last-modified: Wed, 05 Apr 2023 11:12:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=11wJB7l1AZ4lyOKUtGUtoy%2BLqCnEX6y0xPxat8MwHQfNfrXnBm0U%2BqI6qa4sN2Ukb1UExkGgGVwKFjo3PE5ZXFHyum4Vioy%2FlAIYzWxW2RwvYHBIaWa2uhKWFo53oMQK7hdj"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a1fe21b9e673746-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: frag-gXBPd6mKdpiGwwZcp3thE1fp1kiaiRcz0B3fB8yxtRxcAEsQQ==

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 128ms
44ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3506314.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 953782
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 8uuUkrwVOz25cV7_NE4dAifAp03cLqKcZnVkqVNnS43vCCcJ7W5CbA==

GET
H2 200 3c83d6d5-0c56-47b7-8aee-ae6edf73c360.png
no-cache.hubspot.com/cta/default/1534169/ 2 KB
2 KB 180ms
179ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/1534169/3c83d6d5-0c56-47b7-8aee-ae6edf73c360.png

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d0faa1510d3999ee6ce630052e0f8c562acc8b69380ceb4e7f812aaa4c5303f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: ulKQMNoMzME6ZWTBPDeq_A_qJjzsu_Xz
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: HV4TJF7DV8DWSBQT
x-amz-server-side-encryption: AES256
content-length: 1631
x-amz-id-2: z+cx+egyvB6SMzEPQWBpLgz8EPOvlBQLcwALNhfrifEaVEmvYkWXmx1GBXl6RVkGHG9sE3RHBECfJ6bwCqp44bWmChTMkubc9KgAzUKtdF8=
last-modified: Wed, 05 Apr 2023 16:30:06 GMT
server: cloudflare
etag: "3d5f63abc7db36507720723f2c0d0e15"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjm8Xg%2FdBU5XLlAk6Bvc%2B5FMZ0O3F08qD8eptq677Zobaqq0hyiFUWxXEk76RFYLoptuGOVnRgPiNBSDRyV0i%2BdDZ%2F8BR25e25BN%2F989e%2B8zzj4AsgOYNAcCC6syT7Yg5zDVNuiCexJX79llEOPGg7jX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21b6c334c66-MXP

GET
H3 200 arrow.svg
www.morphisec.com/hubfs/ 271 B
2 KB 149ms
111ms Image
image/svg+xml 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.morphisec.com/hubfs/arrow.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/109590708858/1718666705155/module_109590708858_Header_-_Global.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8178a23344ec8e9b3f599125e10c07ec57bd94f1790a8b5b04f16d11747faded

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109679247133,P-1534169,FLS-ALL
age: 12542
x-amz-request-id: 5MM3C30X80GPG8Z0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109679247133,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"4e0f4888e02de418e83ed88b0fb6b77b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680710835406
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 298295dc49d01ca277aeb7439bbb326e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: NbewtlYhb0U79FAEY4s37zmrf8HRhCTq
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-109679247133,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IIK/JIV6ZNMBFKauqAG2FzGLS3nMt4gZs4cKU9YjdXv4uUiIuKV2T4CPNljpi9smfUbrmsfmZNo=
last-modified: Wed, 05 Apr 2023 16:07:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1Zg2clZqFkbwECbQJpGKYl1LGqJKrtJj3gdwBU%2BbKs9%2FFB4BDHPwQHH4TaBHhZgQ%2BY43nnFATaEOTVvWM4S66Q4NTHiu8jJ4fW7%2F8wqLbClvdYZQBgMD9Gmhb5m%2FnPSU%2BzQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21bd8b0baff-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 60u7PIn0-oIvwtqmysz_8bp_uL-3Lbq5ATLgE_dtbTFZZ-L5esMDxg==

GET
H3 200 arrow-white.svg
blog.morphisec.com/hubfs/ 349 B
1 KB 90ms
90ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hubfs/arrow-white.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19d09e24c8a6da58f2db0561d49f8719a08c9d80561578116bf155a615bd98a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109627044436,P-1534169,FLS-ALL
age: 219655
x-amz-request-id: G8BWCSMMZDAVYXFD
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109627044436,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"60bbbc0bc1edd1fb7cca1a100a63be01"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680694543135
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3e8c7159e6734f06c78a06c36a369370.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KMw_AMABoswm8oNvOvnloHZvZpdq9inh
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109627044436,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 68h65Ze/9fjDkMGb4KIRsJhDb9I13fy4v/GwgovfzKkODef+9N96B1/1KAYnqwC8Ce9MIhxbNDA=
last-modified: Wed, 05 Apr 2023 11:35:44 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0G7yoKQCYlrAq5giebMe5zCwLtj%2BXoIasWF4%2BaRlspNr%2FwLDgyuKU4k2WGt2MqJ5v9kQyT9A7nACD7I56rFMJHGb6i3IUQp0bamQ1eh%2FaP2L%2Fng7vRfL%2F6J5IAfo83R%2Fakung%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21baeb15268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: LG0sSiwwQDcrqLi65G0mCQVA7Y-9m_F4FreiJpQMKoTqEl4TLmcs5w==

GET
H3 200 cybersecurity%20threat%20research%20blog.jpg
blog.morphisec.com/hubfs/ 4 KB
5 KB 68ms
68ms Image
image/webp 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hubfs/cybersecurity%20threat%20research%20blog.jpg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad5d4193328e2083398686d67b7e67b9d7ab9b935d745746d186c33d07bf4a65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-129397473892,P-1534169,FLS-ALL
age: 110357
x-amz-request-id: CH6GVF0ZZZNSVNM8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-129397473892,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="cybersecurity%20threat%20research%20blog.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "2b7b7ed7eb036c12623f2218a7bab31b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1691668529263
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 f3725fc3050adfa31f8eedaa3ab18d9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: c0ZTjM3EuQi57sUJlqRjc9N65oFUDRbx
x-amz-cf-pop: MXP53-P2
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=26491
x-cache: RefreshHit from cloudfront
cache-tag: F-129397473892,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 3770
x-amz-id-2: aDuMbYdUQufNgqCQ9azkJGSNWc7NmrwUKtV7Movcq8Dy7mfp4mUPYgjIT5fMdnmW0Zo98l5+c4IguspvrSlBHJN1pDGVrS/z
last-modified: Thu, 10 Aug 2023 11:55:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtpKJFvV%2BhNSMko7SFxSlc8RUyzKt27G1ZePTy2vW4Zl8SoGbX%2Fg9yF7OB87EKizEffdCZDcuPzqKpIohgmUIIe4EyrCzoBhi%2BIMgEWaAIayH2LEkSgRVODkcOoHaJkpnRVXTg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a1fe21baeb35268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 9AauRhtLQ-2z-eVZc5vNwYWfctqpjTSR2prnv_S3UXaBoWIbjMsLow==

GET
H3 200 footer-bg-01.svg
blog.morphisec.com/hubfs/ 1010 B
2 KB 63ms
62ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hubfs/footer-bg-01.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

afebc654252e2e6725166fd88386decd2d62cbae24cf76f93af01051afcd22bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-110476466060,P-1534169,FLS-ALL
age: 218006
x-amz-request-id: G8BQB0R6HWX9M4JZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-110476466060,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"2ede0c7ada32266a0c611cfc210050ce"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681221340353
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3c015e946da40663bafaddc790a7bb6a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _gIdfKK3n3930Ooq3mAnm0BVYetLtdSX
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-110476466060,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wZJYYlU2f7Ftzede7cnA7i/PSgDLq8tFCPqwRsdM7ZkTdV9CUFs95WYdyv5BCoQ/VlYygR0blwgTe6JqIhyN4w==
last-modified: Tue, 11 Apr 2023 13:55:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZEzTRjDQNkamuxnSVOSIQuukPCyWgVq8UOlG%2B9W7ubn7ev2D4Q0Vzi%2FXf%2Bt3dtDpGhQfAFQPj83d%2FmYt3Dn2Bo6G09pd4Mh1Wk2rq7nf4QuTgJptSE6PuJZ01Ysq%2Fqjdcat9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21bbeb85268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: Bu5BmR71Jb9JyFP2MZlq8u52ZwX9_U7M-Es0mvABQHgCHunnYFbTMA==

GET
H3 200 Montserrat-SemiBold.woff2
www.morphisec.com/hubfs/fonts/ 65 KB
66 KB 93ms
92ms Font
application/font-woff2 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.morphisec.com/hubfs/fonts/Montserrat-SemiBold.woff2

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109621200285/1680693252014/2023/Fonts/fonts.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3d8c648b4ec40e2369730c552db76ad40994c6dd489ff87b28f6fc1ea2ced96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/
Origin: https://blog.morphisec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109621325689,FD-109627043208,P-1534169,FLS-ALL
age: 219656
x-amz-request-id: HTKS5TGC6DB0AM55
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109621325689,FD-109627043208,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "09e9af57c990afbf2833f00d90880b6b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680693119436
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 6266dd3ac90488da9055f1b5c43dd138.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: N4AY2AcWVnuw91nHKeLaBhsvto1u2FqE
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109621325689,FD-109627043208,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 66104
x-amz-id-2: 4y0RRC1/GfNdOLss2sa1KA8q8Jhvt3QtB+/2tAyh8Jz0Y6LoV595m63HeY8GfwVbohJeFLNLuQg=
last-modified: Wed, 05 Apr 2023 11:12:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fw4TSeD4VilQOzT2Z9mnfaEBF0tv9Qd1x%2Ffc3QvgcNoiUgRcfXV5iFWnyXN8%2BpCHEywZbTGlz6phEfdAyK3V6QWyxb7XY3axkTU1EkBOq%2B4b91OCrsrYPYNXN84tFzrZghLd"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a1fe21bdeeb3746-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ZQTsDh4dxBuepFhniBFyFYhDe8wZhZ9v3Lggde_HA1RJPLX-Gx4EJw==

GET
H3 200 Montserrat-Light.woff2
www.morphisec.com/hubfs/fonts/ 64 KB
65 KB 129ms
128ms Font
application/font-woff2 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.morphisec.com/hubfs/fonts/Montserrat-Light.woff2

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109621200285/1680693252014/2023/Fonts/fonts.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

636ecb5784f08327b02a785d4bbd25f44b0eeb98b3a8391ec47c0af6b87554a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/
Origin: https://blog.morphisec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109627043216,FD-109627043208,P-1534169,FLS-ALL
age: 219656
x-amz-request-id: HDCYC49CPFE2QT4Z
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109627043216,FD-109627043208,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "aab897981ce728bf9faaf8d7e9273e82"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680693119255
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 7c3241a948c4d88d2b9d7793615eaf0c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: pc80gFZ4d8MJD6P02C8Utp.DAeRoai1s
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109627043216,FD-109627043208,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 65268
x-amz-id-2: TZollc+UiM/qkYFLrMxd6gZU0uVoxhOrCIotKaIHeBOQFiwMI92BFsiZR5CbRtjmxWu0Kgqti7E=
last-modified: Wed, 05 Apr 2023 11:12:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zh7Zkf7SPWqLGH9%2BjuOgRlv4BvQ7DkWrW%2FAP6wJYMUp%2BDOTQr35koB7iYd4ANB3U3kjt2KDA7u6oNOxCkJoJqyan%2BB6BJY2a%2BnYYqhDUITS%2BuLb6tpzIRd8hIfvsMbj01wSr"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a1fe21bdeed3746-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: DgVvH_tZ3QtLrF3TzEMvwW7ZTvDs9opVgz0s47nK2aLlyBnt6NrmOw==

GET
H3 200 Montserrat-ExtraBold.woff2
www.morphisec.com/hubfs/fonts/ 65 KB
67 KB 75ms
74ms Font
application/font-woff2 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.morphisec.com/hubfs/fonts/Montserrat-ExtraBold.woff2

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109621200285/1680693252014/2023/Fonts/fonts.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8dfa70f0dccd44f1f69659a7d4715aef17d48c4a8f88d4868b919fc9aabb453

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/
Origin: https://blog.morphisec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109628007973,FD-109627043208,P-1534169,FLS-ALL
age: 179636
x-amz-request-id: MVD3PAN2ZQ5REDJA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109628007973,FD-109627043208,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "4e861b47db165af12ec0447c91b0167f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680693119362
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 18ed774d313b70b8e2b1c10f6f30ee3c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Ai1BLbuGpLfH9Dc8qMneVI9MZINf4ZFA
x-amz-cf-pop: ATH50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109628007973,FD-109627043208,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 66876
x-amz-id-2: hyfldSIqkhMA4cu45vHp185l9zoSjXmMcm07Nwsy+8ZH187cGrpyn5Fyol0jAeTlbdmrOq8WRbo=
last-modified: Wed, 05 Apr 2023 11:12:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRDupBaMw31dNQU3X7E4q57w%2FpHYibdyv8HN5hS9fKrq25zx%2B7stF9B45fS0WyLndQtDTN7oLcl1rzMiOynP4hE2NAtpcEwqkc3N4a7kdTPxLJTWVx2ubdyDGI3zcRtxccL6"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a1fe21bdeee3746-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: vMVHo4Uml8wCeK4a8KRNaD2bRvtIw4kdC1elynikCNmphndIiMYC8g==

GET
H3 200 Montserrat-Medium.woff2
www.morphisec.com/hubfs/fonts/ 64 KB
66 KB 151ms
150ms Font
application/font-woff2 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.morphisec.com/hubfs/fonts/Montserrat-Medium.woff2

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/template_assets/109621200285/1680693252014/2023/Fonts/fonts.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4d476694bb5382da2de611b3b716fbed22fcd64d18753111b6d15a28667fd24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/
Origin: https://blog.morphisec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109620535301,FD-109627043208,P-1534169,FLS-ALL
age: 98318
x-amz-request-id: ABSZDSZW0ACPCP2J
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109620535301,FD-109627043208,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "16c1a5b7a2037ec2bad9740c8b0ff8ee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680693119004
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 13234883000891123bda3fd8d846da9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: FUjuK6I4k.9p.Gx8MyhsJW6pvpTlo4q4
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109620535301,FD-109627043208,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 66036
x-amz-id-2: BTxARcMyGfOQ3zNiff7QCyaoG1s8apaxj6MslglJZqlUQ8fD1u+FzxMM9B32E99qODIYALLf562MneNSBwMICg==
last-modified: Wed, 05 Apr 2023 11:12:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FfwsP%2BrkkJ3RLmjQvPxOxk%2Fryeo0awSCcG1b5rdjI%2FcTHZcBQrg5Gmnym3lM%2FSeezrv%2FKD27X4SEhfKhq3DVZT42mcLL7LsIHNgYDYKi%2F2J2eBr2u7C9RVDvU3bLH3BjySg"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a1fe21bdef13746-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: DhKDrIFXBVlPuQwM_4hJkVKS_MpVETx5B7w-HC7bWbRQ9AC8XlvTug==

GET
H3 200 search_icon.svg
blog.morphisec.com/hubfs/ 350 B
1 KB 80ms
79ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hubfs/search_icon.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

939c1b1420c9dcd654cf23e16482d791454288ca4ff1059fb8839412cc29b2a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109619762806,P-1534169,FLS-ALL
age: 231084
x-amz-request-id: QHEXHMRJAG3NRDP6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109619762806,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"3d95f4288550b5cf8de25c3fedbd715b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680691466397
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 61df0586835e6744e27d7864085281b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1GYCNZt2jwANbtrTaH7YaF79VqL7t05m
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-109619762806,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LL/mpXU9+lsuV26IM34sp3aXDAlQYqm4B3VNqhZZ76ZilgA6L3/m9gqaYcPz7P58pu3msqvNSkk=
last-modified: Wed, 05 Apr 2023 10:44:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2FIVsOe%2FnyBT89dn5KBl%2FqWw3CHTMFz2OoRkEaB0fSXywsxx5ED1sHUbEyKTrfsKt1XBLRkRg2%2F9N2dMURraJRpnJzU%2FmgyexuGuyKxr1UpzNq75qSs65cFL5ptvsKW3CPy91A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21bdef55268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: smyp17ni6zKpX8yADlLUiE-SQrjUbsGSzMuDsKnI3_D-y3fluK03RQ==

GET
H3 200 blog.svg
blog.morphisec.com/hubfs/ 797 B
2 KB 81ms
79ms Image
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hubfs/blog.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e8357cc1fe184a45255c2831770245aa454c3e957dfe3df6a0ee789ac77e01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109682604959,P-1534169,FLS-ALL
age: 219655
x-amz-request-id: XW0J12AW4B4PBPA9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109682604959,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"8d9f2f91fe33b0b94a5bef7287c3abbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680711424510
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 36be2c773789c1382b13900c0a0f5724.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ijpJM2MB9gHe5XFpk9UWNXBHqcRn_Olq
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109682604959,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AyfgU1rC+Ok3TtDDcZESpJQy9xvZmyDjCw1Rb7NlaaniTbMAjRvNCWTQM07qIBgpoS55ZDEwEEM=
last-modified: Wed, 05 Apr 2023 16:17:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzeX0EkKj6W7N6acF3xqdVMZlTqhi%2FP6K9z2I0Na3G%2FaaWK9f2LUGzl%2FIfbKRutdjlTEAygVl%2BVxop0EDoMSIQBQP%2FMCjKOkQeY6t00ZuPCI57grSRq%2Bh1nzDOHkzCJbR4wM%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21bdef65268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: BcQyvBAJo1FHT4EzIm9VgnWv5Im40NI_Q1UwERJBvu17poAihAbO-w==

GET
H3 200 Morphisec_Mispadu_800x400_v.1.1_lorez.png
blog.morphisec.com/hs-fs/hubfs/ 82 KB
82 KB 72ms
70ms Image
image/webp 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hs-fs/hubfs/Morphisec_Mispadu_800x400_v.1.1_lorez.png?width=800&height=388&name=Morphisec_Mispadu_800x400_v.1.1_lorez.png

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

200954b04f46184e189e14baf2db33b97d2c10c4aa353af0df78f46c0b963d2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ed45efeb163f9ffaca42564e88ebc17e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-162051107990,P-1534169,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 83466
cf-resized: internal=ok/m q=0 n=779+0 c=3+113 v=2024.6.0 l=83466
last-modified: Mon, 25 Mar 2024 20:17:27 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cffVbeL4txf_oVY58jjxQFfqQGHQ3yjvPWDiV8vK3LDQ:7d9c19d4794c4b41e0dafe6723fbef1c"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJ7pBtoQvqvrDFvxBaxCuEcPW3oaz8bv5ZXEMlbIMhMxXs%2FM4PerGlhAChxW7sSpN7cELDJzoaiyuByUnjbpTVspYtQQAxapamJlQaVRoUScKGMIOf9QbbqR0JNUnyvFO6Sfbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8a1fe21bdef85268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 MispaduDistribution-ezgif.com-png-to-webp-converter.webp
blog.morphisec.com/hs-fs/hubfs/ 16 KB
16 KB 69ms
67ms Image
image/webp 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hs-fs/hubfs/MispaduDistribution-ezgif.com-png-to-webp-converter.webp?width=750&height=394&name=MispaduDistribution-ezgif.com-png-to-webp-converter.webp

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc5f87466c5894b8ade72eaf752138710362019b8131e0f71be5664649a6a0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 b9ff2ec964f1eea80fc668bb9d85ec54.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-162050151170,P-1534169,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 16032
cf-resized: internal=ok/m q=0 n=885+0 c=7+49 v=2024.6.0 l=16032
last-modified: Mon, 25 Mar 2024 20:18:35 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfObgqq_xmFrbkX0V4Jd6NHPlB4ri6bdgXHut-FJjFDQ:7a637b129563d37feb059cfd45f2c718"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKeW0qX77VbHte5LnKd5mR%2B9nyGZxEdG%2B%2FXBAtlOeYRpFiXAagtCBPzN9lI5W%2FvpqgNtaWJKJL2%2BpW0YABu9JyeGXrCenCo5p3I8mnBbodzlGiRqWqH6u1%2Fr%2BJQy3wtCMv3FiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8a1fe21bdef95268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 Mispadu_Diagram_1-ezgif.com-optiwebp-1.webp
blog.morphisec.com/hs-fs/hubfs/ 19 KB
20 KB 285ms
283ms Image
image/webp 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.morphisec.com/hs-fs/hubfs/Mispadu_Diagram_1-ezgif.com-optiwebp-1.webp?width=700&height=425&name=Mispadu_Diagram_1-ezgif.com-optiwebp-1.webp

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

87acaa711a76ca454848c896233d28a5e2b9b64315957876c803fb387b5eb6da

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0eb16b4893257d69c3dccf274633b342.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-162051410802,P-1534169,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 19660
cf-resized: internal=ram/m q=0 n=0+0 c=0+0 v=2024.6.0 l=19660
last-modified: Mon, 25 Mar 2024 20:20:37 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfJfg4KHTOXTiicyxaE9ARUfU8b-8W6qZLkp3_38cqDQ:e76dbb447e654d3130a60533e7793c94"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04SD3rO7hUqKQLUMppWntkWvB5D3Yg%2B7Oi%2BxLefRRGjowayImZ3tnJhrmj%2B%2B35hwiLPbTcaee7kbHH6WCp73Crtwcc%2FgtH%2B4F7EgsopSwUphUlKIVO1ojHptJEs27YsA4pqIcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8a1fe21bdefb5268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 json Show response
blog.morphisec.com/_hcms/forms/embed/v3/form/1534169/37b11fda-a2aa-4805-9c0e-bae8eaccd6b7/ 11 KB
4 KB 187ms
187ms XHR
application/json 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/_hcms/forms/embed/v3/form/1534169/37b11fda-a2aa-4805-9c0e-bae8eaccd6b7/json?hs_static_app=forms-embed&hs_static_app_version=1.5387&X-HubSpot-Static-App-Info=forms-embed-1.5387

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a15c76ffbd785e1d53f116da0971bd8165b0a2d04ecd673a99f3abc7e0cde50e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: df89a24a-1546-46a6-89a8-d727e36225f5
content-security-policy: upgrade-insecure-requests
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: df89a24a-1546-46a6-89a8-d727e36225f5
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-jxrsm
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aj3%2FanVr28QX5wh0qXUv4FBPNeRdBK808GEC6ZSHJVL62k3hCnVeCmApHtLk14iZD0GxPap4e9iPS344%2B8QUe1Cit0tuEzHJ9%2Belnh6PceyGBkZ%2FNKm14h1V7XIKAs1QtxixWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21c2f705268-MXP
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 137ms
37ms Script
application/javascript 2a02:26f0:e300::5f64:9252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300::5f64:9252 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 09:19:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=37360
accept-ranges: bytes
content-length: 14011

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 90ms
31ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200164-IAD, cache-fra-etou8220091-FRA

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 90ms
36ms Script
application/javascript 2606:4700::6810:4769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: EZPM7RQRGGE70WS6
age: 2303
alt-svc: h3=":443"; ma=86400
x-amz-id-2: r7iNhNQxflg/amAiQzf2jRtr58bQazGddBxBt46NGoeDpgLBBp7cQOVTF21tAeTPYfMGmafwUiU=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8a1fe21c8e7c4bf7-MXP
expires: Fri, 12 Jul 2024 13:07:29 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 94ms
34ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

561838aa186c582927c3d15c062fdbf2c90d3f15cd57552e24c0d179db764e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 09:07:29 GMT
content-md5: 8JUmFAC6P0oeEzQ6LDkCBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1297, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: fopsokhklJAdk59UJ1BtmHqFTsqcDToIcsI9X9bDXcabvZjAssmZhAr41w4qRK2GanUpa4yoClQxv3BPKVxNEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c55c64837c6af6f2ba63eeab82e1bf03
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "52ad6868faa39035d9c9f2b73484811a"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 12 Jul 2024 09:10:27 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 72ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF9) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 09:07:29 GMT
Content-Encoding: gzip
Age: 392
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (mil/6CF9)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
106 KB 51ms
49ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HFVX4VZHCS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQBJZ8K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bda916cc0eed8b8f24573ccca8ab04ab5915bf94f1a3decf817cbf8559b5ceac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 09:07:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
106 KB 56ms
54ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QY7QHR57BF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQBJZ8K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bf1355d69f1910f1542ac3f7303dfbf4d63ba2b64ccfd0fc95dee6fe39ca551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108732
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 09:07:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
21ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQBJZ8K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 08:10:12 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3437
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Jul 2024 10:10:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
58 KB 76ms
33ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jul 2024 09:07:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1297, tbw=6595, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 1+Sy7xVwSBTgswBmdwviiuexXtuQG38+aOoNHUoPqA7JTGAKRXbEH+/dLRQuRAJIyUqKuuVvjjijp3PhMXyhDA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 8424750.js Show response
snid.snitcher.com/ 24 KB
25 KB 320ms
242ms Script
application/javascript 18.184.15.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snid.snitcher.com/8424750.js
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.15.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-15-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 651d990871ba3e1246d82ca402f3104b6785c7578b782b283e828510ccbd37e8

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
x-vapor-base64-encode: True
date: Fri, 12 Jul 2024 09:07:29 GMT
cache-control: max-age=1800, private
content-length: 24876
apigw-requestid: ayrMxg6dFiAEJxQ=
content-type: application/javascript

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_5fe48b59baf6bb406e34c9012803b845/ 17 KB
5 KB 278ms
200ms Script
application/javascript 2600:9000:2670:f600:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_5fe48b59baf6bb406e34c9012803b845/tags.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQBJZ8K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:f600:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Clearbit /

Resource Hash

3fc6f43f8d589a8e68a0242c1b868cc5219f5bd368d1b960af52716a8541dfec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
etag: W/"4dc4ea822cc55aa67719411f6076fcbc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: WiGULauNu7oveKlS7m8hfeOAiiWMB_43M1KjbegMdlgHhiDAfXYAmw==

GET lt-v3.js
lltrck.com/scripts/ 0
0

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
24 KB 84ms
42ms Script
application/javascript 2606:4700::6810:6bfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/scriptloader/1534169.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Origin: https://blog.morphisec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 145
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8a1fde917b164bdb-MXP
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js
date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: cd0cfc7f-a8b9-41d6-aca3-16c2576b2dd7
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-request-id: cd0cfc7f-a8b9-41d6-aca3-16c2576b2dd7
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-5bdqs
cf-ray: 8a1fe21cfcc0bafa-MXP
x-amz-cf-id: tyrhil-sm2SuIHJxTkKKfblqeEX74MGSa3rXrfbhzjFwgFwOVsadUQ==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/1534169/ 71 KB
26 KB 83ms
39ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/1534169/banner.js
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/scriptloader/1534169.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae0393f48f5412e3124cafc47dd3e8b7bd39a6eb1f2517883c8b175df4df6334

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: JBubI2iZXhfvR9NjtL2LPV82OaUIjqI9
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: MD4C3MEHXKRXNT2C
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 5bb35968-48f5-4c63-b76c-13a14fc22355
age: 1
x-envoy-upstream-service-time: 80
x-amz-id-2: AYOXzstzU6gNDtrb5ZAOe/wzigsv4d1jcx/CpOHemPSUeAqKykz/T084lofph3IFIbiVJzLl+uvMzdJ55bGpIfA2v16SzhGLTkqHvkxe9jw=
x-evy-trace-listener: listener_https
x-request-id: 5bb35968-48f5-4c63-b76c-13a14fc22355
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 24 Apr 2024 13:11:59 GMT
server: cloudflare
etag: W/"850933666a1091136679efb21afc00bc"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://blog.morphisec.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-zmwrp
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8a1fe21d0e1c4bed-MXP
expires: Fri, 12 Jul 2024 09:12:28 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 86ms
43ms Script
application/javascript 2606:4700::6812:8d11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/scriptloader/1534169.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Origin: https://blog.morphisec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 79597
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js&cfRay=8a184ad4fad64882-MXP
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"be45bdb720f44c8db4ee42bc228ff2a8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js
date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: HLkmxotJV8gQ_mnvhNwLT9fnVmh1uWjb
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 6ecfdeb5-540c-4870-bba7-132ed526f92a
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6ecfdeb5-540c-4870-bba7-132ed526f92a
last-modified: Thu, 30 May 2024 10:22:15 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-zrgzf
cf-ray: 8a1fe21d0b46523a-MXP
x-amz-cf-id: zfZXt4_nqeJaq1vz9kYQTHzRQ5Rw09CtNUiKP8kfqOO9U_XzO3n1cA==

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 158ms
117ms Script
application/javascript 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/scriptloader/1534169.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

223ce47ad1f37b0e8d8d12e8333faa417930d86e8a2b69e932364cd4fa725310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Origin: https://blog.morphisec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1232/bundles/project.js&cfRay=8a1fe216ad5a5268-MXP
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"a72ef6dcb4ff7248d922f14d4297ff6d"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1232/bundles/project.js
date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: VlZofOO6XLIMBEw0GCyKL1V6eti3_6c2
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: a0ffab97-55a3-4f4c-8b63-b4b41dcbaa46
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: a0ffab97-55a3-4f4c-8b63-b4b41dcbaa46
last-modified: Wed, 10 Jul 2024 15:31:47 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GC9qbNackNre32DEBbhDNBK6jTp9GgCBG4iMqCcuMW9IUt4N96o8VSMD2SfJw6CUheO3XTCmWeaVbdJKz0TQD84woKNDSWwvVRVZCtIBmYuaeHIl3Z%2FWS2QxFUpgTLsDnZC6T5PnH28PgrF"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-2hwf8
cf-ray: 8a1fe21d0e8d4be4-MXP
x-amz-cf-id: jTfUkuQlnqydAkohlcXJhygNp9v-LFZejy-SbF4YM_rwLLXgB1raeA==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 146ms
103ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/scriptloader/1534169.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

265e4bbd1db28d8f58e233e0992fb26719b1226402f84985e269dcd1a3dbb83a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: UWSQIcf29vJdwcwnUNcwRMWbLRONtdx9
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 396
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.567/bundles/pixels-release.js&cfRay=8a1fd86fbbbcbabd-MXP
x-cache: Hit from cloudfront
x-hubspot-correlation-id: f5a2f115-7c7b-4188-a0aa-c49e3da4e204
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f5a2f115-7c7b-4188-a0aa-c49e3da4e204
last-modified: Thu, 11 Jul 2024 14:18:51 UTC
server: cloudflare
etag: W/"426dc06770cc2e882c1638294f975a21"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-jxxbv
cf-ray: 8a1fe21d1b670df7-MXP
x-amz-cf-id: P3AR1lec0UdHfrCA4s1TK4_FeRm0kPBwq8eogVAXBbL4HwGtr-MD9Q==
x-hs-target-asset: adsscriptloaderstatic/static-1.567/bundles/pixels-release.js

GET
H2 200 1534169.js Show response
js.hs-analytics.net/analytics/1720775100000/ 74 KB
26 KB 86ms
35ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1720775100000/1534169.js
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/scriptloader/1534169.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9900b9f29bada72b398bc1df758ee8b87f14a5e635d04e29cc26a786c47a4bce

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: TC0HHX9ET2WASVVY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 8a35c660-2a3b-4a95-bf1f-e2cba932856b
age: 1
x-envoy-upstream-service-time: 22
x-amz-id-2: sHlDL0mgkGwUUt8G48F8DgEqB7cTJv0rBk9NUZKRhcXBKA5iHH0pi3G0DbDVU1Th17kkr4K1V0g=
x-evy-trace-listener: listener_https
x-request-id: 8a35c660-2a3b-4a95-bf1f-e2cba932856b
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 09 Jul 2024 17:51:00 GMT
server: cloudflare
etag: W/"7afc634b401cc976ce38c8efa6bc29c8"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-647fb
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8a1fe21d58fd3761-MXP
expires: Fri, 12 Jul 2024 09:12:28 GMT

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
674 B 224ms
220ms XHR
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=1534169

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b3f1900f-779c-4ffa-be7b-4f12833fbe60
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8a1fe21c6ddd4c66&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: b3f1900f-779c-4ffa-be7b-4f12833fbe60
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: https://blog.morphisec.com
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-qfdc9
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8a1fe21c6ddd4c66-MXP

GET
H3 200 postlisting Show response
blog.morphisec.com/_hcms/ 12 KB
3 KB 64ms
62ms XHR
application/json 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/_hcms/postlisting?blogId=3742504875&maxLinks=10&listingType=recent&orderByViews=false&hs-expires=1752239614&hs-version=2&hs-signature=AJ2IBuFDZojA5mAvRykX276cjls4Jr308w&currentUrl=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

85f12c3cc6ab25570b5692f96b7b5069b72613b4ad08d0635e03521fddbd1857

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1
x-evy-trace-route-service-name: envoyset-translator
content-security-policy: upgrade-insecure-requests
x-hubspot-correlation-id: b63cb437-447b-42f2-a1e0-733c39fd6d69
x-envoy-upstream-service-time: 25
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b63cb437-447b-42f2-a1e0-733c39fd6d69
last-modified: Fri, 12 Jul 2024 09:07:21 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mGmbNVT6y9KDd%2FstZBN0AKzGM0r2pEewBGrBtYDtDhSF0Mcv8Rz2395hbU29qyZtmu%2B0SWxs9NZHNQa52SoFhOl68cUL1ruRqBw%2F4I%2BGRiIhn8kivlUhwEoYP27HO1kpKxdKLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/cms-10-19-td/envoy-proxy-64f59868fc-qs252
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
cf-ray: 8a1fe21c6fca5268-MXP
x-robots-tag: none

GET
H3 200 arrow-white.svg Show response
blog.morphisec.com/hubfs/ 349 B
0 0ms
0ms XHR
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hubfs/arrow-white.svg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19d09e24c8a6da58f2db0561d49f8719a08c9d80561578116bf155a615bd98a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109627044436,P-1534169,FLS-ALL
age: 219655
x-amz-request-id: G8BWCSMMZDAVYXFD
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109627044436,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"60bbbc0bc1edd1fb7cca1a100a63be01"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680694543135
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
via: 1.1 3e8c7159e6734f06c78a06c36a369370.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KMw_AMABoswm8oNvOvnloHZvZpdq9inh
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109627044436,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 68h65Ze/9fjDkMGb4KIRsJhDb9I13fy4v/GwgovfzKkODef+9N96B1/1KAYnqwC8Ce9MIhxbNDA=
last-modified: Wed, 05 Apr 2023 11:35:44 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0G7yoKQCYlrAq5giebMe5zCwLtj%2BXoIasWF4%2BaRlspNr%2FwLDgyuKU4k2WGt2MqJ5v9kQyT9A7nACD7I56rFMJHGb6i3IUQp0bamQ1eh%2FaP2L%2Fng7vRfL%2F6J5IAfo83R%2Fakung%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21baeb15268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: LG0sSiwwQDcrqLi65G0mCQVA7Y-9m_F4FreiJpQMKoTqEl4TLmcs5w==

GET
H3 200 arrow-white.svg Show response
blog.morphisec.com/hubfs/ 349 B
0 1ms
0ms XHR
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hubfs/arrow-white.svg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19d09e24c8a6da58f2db0561d49f8719a08c9d80561578116bf155a615bd98a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109627044436,P-1534169,FLS-ALL
age: 219655
x-amz-request-id: G8BWCSMMZDAVYXFD
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109627044436,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"60bbbc0bc1edd1fb7cca1a100a63be01"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680694543135
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
via: 1.1 3e8c7159e6734f06c78a06c36a369370.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KMw_AMABoswm8oNvOvnloHZvZpdq9inh
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109627044436,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 68h65Ze/9fjDkMGb4KIRsJhDb9I13fy4v/GwgovfzKkODef+9N96B1/1KAYnqwC8Ce9MIhxbNDA=
last-modified: Wed, 05 Apr 2023 11:35:44 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0G7yoKQCYlrAq5giebMe5zCwLtj%2BXoIasWF4%2BaRlspNr%2FwLDgyuKU4k2WGt2MqJ5v9kQyT9A7nACD7I56rFMJHGb6i3IUQp0bamQ1eh%2FaP2L%2Fng7vRfL%2F6J5IAfo83R%2Fakung%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21baeb15268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: LG0sSiwwQDcrqLi65G0mCQVA7Y-9m_F4FreiJpQMKoTqEl4TLmcs5w==

GET
H3 200 close.svg Show response
blog.morphisec.com/hubfs/ 543 B
2 KB 56ms
55ms XHR
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hubfs/close.svg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a4850f556812a808a87669edcc26eecd8abc3e0a35178b57e9049c4271c9117

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109618525080,P-1534169,FLS-ALL
age: 231084
x-amz-request-id: R98JQNYG6C4GHCGS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109618525080,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"613d5e657a45fdd73680a2a43b1810a9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680690377289
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 b61e218bc35668646b673c626203e5d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ojcPDMW2kfX705kNgng7YRySVuOGEcf5
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109618525080,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: o8B1Jur+VVpVXCZjwn5cBIjG7Od9dYMY7WS3lp+cNenal0U7zGVeCoMq0+tJRLfe6GvRkTZytcBmEOB4E0hKWg==
last-modified: Wed, 05 Apr 2023 10:26:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f981UTp1%2BgXwEDh7IKY7CxHZb84upB%2F%2BnbSwP7x1b2%2F1sJii5sDFNS80drv%2FGMhAJVfEfvWhd%2FZ75h6coNccuy%2BYnO5d8g0JXM9JhUwPHWjXuWE0yWSPgtOLeCw3EueeSSQCOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21c7ff15268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: KJ8LhERAdICjeRL9MXSfZ_GGzOyLjl7EoHkg989Cfhu-rCRa7dXrHw==

GET
H3 200 search_icon.svg Show response
blog.morphisec.com/hubfs/ 350 B
0 2ms
2ms XHR
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hubfs/search_icon.svg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

939c1b1420c9dcd654cf23e16482d791454288ca4ff1059fb8839412cc29b2a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109619762806,P-1534169,FLS-ALL
age: 231084
x-amz-request-id: QHEXHMRJAG3NRDP6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109619762806,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"3d95f4288550b5cf8de25c3fedbd715b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680691466397
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
via: 1.1 61df0586835e6744e27d7864085281b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1GYCNZt2jwANbtrTaH7YaF79VqL7t05m
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-109619762806,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LL/mpXU9+lsuV26IM34sp3aXDAlQYqm4B3VNqhZZ76ZilgA6L3/m9gqaYcPz7P58pu3msqvNSkk=
last-modified: Wed, 05 Apr 2023 10:44:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2FIVsOe%2FnyBT89dn5KBl%2FqWw3CHTMFz2OoRkEaB0fSXywsxx5ED1sHUbEyKTrfsKt1XBLRkRg2%2F9N2dMURraJRpnJzU%2FmgyexuGuyKxr1UpzNq75qSs65cFL5ptvsKW3CPy91A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21bdef55268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: smyp17ni6zKpX8yADlLUiE-SQrjUbsGSzMuDsKnI3_D-y3fluK03RQ==

GET
H3 200 blog.svg Show response
blog.morphisec.com/hubfs/ 797 B
0 2ms
2ms XHR
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hubfs/blog.svg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e8357cc1fe184a45255c2831770245aa454c3e957dfe3df6a0ee789ac77e01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109682604959,P-1534169,FLS-ALL
age: 219655
x-amz-request-id: XW0J12AW4B4PBPA9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109682604959,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"8d9f2f91fe33b0b94a5bef7287c3abbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680711424510
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
via: 1.1 36be2c773789c1382b13900c0a0f5724.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ijpJM2MB9gHe5XFpk9UWNXBHqcRn_Olq
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109682604959,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AyfgU1rC+Ok3TtDDcZESpJQy9xvZmyDjCw1Rb7NlaaniTbMAjRvNCWTQM07qIBgpoS55ZDEwEEM=
last-modified: Wed, 05 Apr 2023 16:17:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzeX0EkKj6W7N6acF3xqdVMZlTqhi%2FP6K9z2I0Na3G%2FaaWK9f2LUGzl%2FIfbKRutdjlTEAygVl%2BVxop0EDoMSIQBQP%2FMCjKOkQeY6t00ZuPCI57grSRq%2Bh1nzDOHkzCJbR4wM%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21bdef65268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: BcQyvBAJo1FHT4EzIm9VgnWv5Im40NI_Q1UwERJBvu17poAihAbO-w==

GET
H3 200 search_icon.svg Show response
blog.morphisec.com/hubfs/ 350 B
0 4ms
4ms XHR
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hubfs/search_icon.svg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

939c1b1420c9dcd654cf23e16482d791454288ca4ff1059fb8839412cc29b2a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109619762806,P-1534169,FLS-ALL
age: 231084
x-amz-request-id: QHEXHMRJAG3NRDP6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109619762806,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"3d95f4288550b5cf8de25c3fedbd715b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680691466397
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
via: 1.1 61df0586835e6744e27d7864085281b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1GYCNZt2jwANbtrTaH7YaF79VqL7t05m
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-109619762806,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LL/mpXU9+lsuV26IM34sp3aXDAlQYqm4B3VNqhZZ76ZilgA6L3/m9gqaYcPz7P58pu3msqvNSkk=
last-modified: Wed, 05 Apr 2023 10:44:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2FIVsOe%2FnyBT89dn5KBl%2FqWw3CHTMFz2OoRkEaB0fSXywsxx5ED1sHUbEyKTrfsKt1XBLRkRg2%2F9N2dMURraJRpnJzU%2FmgyexuGuyKxr1UpzNq75qSs65cFL5ptvsKW3CPy91A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21bdef55268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: smyp17ni6zKpX8yADlLUiE-SQrjUbsGSzMuDsKnI3_D-y3fluK03RQ==

GET
H3 200 blog.svg Show response
blog.morphisec.com/hubfs/ 797 B
0 4ms
4ms XHR
image/svg+xml 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hubfs/blog.svg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e8357cc1fe184a45255c2831770245aa454c3e957dfe3df6a0ee789ac77e01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109682604959,P-1534169,FLS-ALL
age: 219655
x-amz-request-id: XW0J12AW4B4PBPA9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109682604959,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"8d9f2f91fe33b0b94a5bef7287c3abbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680711424510
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
via: 1.1 36be2c773789c1382b13900c0a0f5724.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ijpJM2MB9gHe5XFpk9UWNXBHqcRn_Olq
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109682604959,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AyfgU1rC+Ok3TtDDcZESpJQy9xvZmyDjCw1Rb7NlaaniTbMAjRvNCWTQM07qIBgpoS55ZDEwEEM=
last-modified: Wed, 05 Apr 2023 16:17:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzeX0EkKj6W7N6acF3xqdVMZlTqhi%2FP6K9z2I0Na3G%2FaaWK9f2LUGzl%2FIfbKRutdjlTEAygVl%2BVxop0EDoMSIQBQP%2FMCjKOkQeY6t00ZuPCI57grSRq%2Bh1nzDOHkzCJbR4wM%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21bdef65268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: BcQyvBAJo1FHT4EzIm9VgnWv5Im40NI_Q1UwERJBvu17poAihAbO-w==

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 14 KB
4 KB 202ms
201ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&pageId=162037724749&pid=1534169&sv=cta-embed-js-static-1.300&rdy=1&cos=1&df=t&pg=c9a3865e-2993-4f6e-b357-de969e5176a5&pg=3c83d6d5-0c56-47b7-8aee-ae6edf73c360&pg=d4f17ebf-d8a2-49c3-9bca-a8f8112b45f3&pg=3c83d6d5-0c56-47b7-8aee-ae6edf73c360&pg=d4f17ebf-d8a2-49c3-9bca-a8f8112b45f3&pg=c0c8d819-c7bc-43c9-a80b-7db9c88cd5ab&pg=e098d357-1710-4cfe-8901-19c93de122f4

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

794c7410e453f2fce6b313b48e31fe158f51dd00c197f224ba3c004a18c00ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d02aec11-f4b9-4e93-8c47-aed88cb22464
x-envoy-upstream-service-time: 50
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d02aec11-f4b9-4e93-8c47-aed88cb22464
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.morphisec.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-gqvsp
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ez6YN3PGYD7Fc%2FaWGU5I%2FJRRoJNo9bI9JlLgTR%2F609KQBseLPCFnj%2BysA5%2BPVmNuM4hqsPMR3W8wiR7jIdNZt%2FFWu%2BE0cNj7xgplWF2caFE5gIVsKjLG37jINtstr9dH%2FXmOnxGUEf%2Bwt70bD3y4cP89EkJTsnLK%2FX0%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8a1fe21c8e184c66-MXP

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
360 B 364ms
118ms XHR
application/json 54.144.102.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDQ1MTF9.eiHnDZAhBhx__pSttlATzaQdSltPIpahvpYGdr_Bfrg

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.144.102.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-102-7.compute-1.amazonaws.com

Software

Resource Hash

aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.morphisec.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: f5eee643d8bb337bb1865e6c526b4645

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 73ms
36ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=59b356f083b07ed1c91ccbee1e987093

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

bd63361be592c4fc1b61e7bc8f0b92c83b52f54f57789e91ad577d006f71768c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Origin: https://blog.morphisec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 09:07:29 GMT
content-md5: qt2j2lTtzxrQwolaHJ4vrA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87599
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=23, mss=1232, tbw=4300, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: qG6d5/PeauOFfnKwA5XmwhokkowU8IiRp7z26pljaosbWpsjM0biNK8BFRYvhzHMcweTvPnpoPP33ETzyEoFXA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c1ef60bf7069d1a4413bfef98795b6ae
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "3932f5064c71d4ca9ae6f2703d9c5723"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 12 Jul 2025 08:00:51 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 35ms
34ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1644365677&t=pageview&_s=1&dl=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&ul=it-it&de=UTF-8&dt=Breaking%20Boundaries%3A%20Mispadu%27s%20Infiltration%20Beyond%20LATAM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=832022718&gjid=1414008335&cid=1543411705.1720775249&tid=UA-60065248-1&_gid=249755182.1720775249&_r=1&_slc=1&gtm=45He4790n81PQBJZ8Kv897572158za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=581584315

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

777936a4dafb4a9776ea814a2737a4ed51a49172e8f79491a4988a40bd93c90d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.morphisec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 107ms
35ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HFVX4VZHCS&gtm=45je4790v897583451z8897572158za200zb897572158&_p=1720775249006&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1543411705.1720775249&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720775249&sct=1&seg=0&dl=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&dt=Breaking%20Boundaries%3A%20Mispadu%27s%20Infiltration%20Beyond%20LATAM&en=page_view&_fv=1&_ss=1&tfd=912&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HFVX4VZHCS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.morphisec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 122ms
40ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HFVX4VZHCS&cid=1543411705.1720775249&gtm=45je4790v897583451z8897572158za200zb897572158&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HFVX4VZHCS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.morphisec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
107 B 134ms
59ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HFVX4VZHCS&cid=1543411705.1720775249&gtm=45je4790v897583451z8897572158za200zb897572158&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=296606172

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
375 B 372ms
301ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=961a5d78-e150-4766-9475-f9efe5afea70&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1f24a7fa-02f4-48c9-900f-a1bcc47aa6f7&tw_document_href=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxrig&type=javascript&version=2.3.30

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 182
date: Fri, 12 Jul 2024 09:07:28 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 1c3e18080d4f277f
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: c4f6eeed18980a2d4908bf2d543e79397325cebe872fd5c8887c7bc26e080260
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 217ms
139ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=961a5d78-e150-4766-9475-f9efe5afea70&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1f24a7fa-02f4-48c9-900f-a1bcc47aa6f7&tw_document_href=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxrig&type=javascript&version=2.3.30

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 12 Jul 2024 09:07:28 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 57e703e59212f744
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: f1187b418ed30eaed8adf1d84e24df6f9d443a908ab089ed3aead867791a0815
content-length: 43

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 87BD 0
0 69ms
17ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fblog.morphisec.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEA) /
Resource Hash

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 9443097
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Jul 2024 09:07:29 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CEA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 57ms
34ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QY7QHR57BF&gtm=45je4790v898987771z8897572158za200zb897572158&_p=1720775249006&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1543411705.1720775249&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720775249&sct=1&seg=0&dl=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&dt=Breaking%20Boundaries%3A%20Mispadu%27s%20Infiltration%20Beyond%20LATAM&en=page_view&_fv=1&_ss=1&tfd=961&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QY7QHR57BF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.morphisec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 73ms
39ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QY7QHR57BF&cid=1543411705.1720775249&gtm=45je4790v898987771z8897572158za200zb897572158&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QY7QHR57BF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.morphisec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
408 B 85ms
59ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QY7QHR57BF&cid=1543411705.1720775249&gtm=45je4790v898987771z8897572158za200zb897572158&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=23008913

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
818 B 275ms
190ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=32136%2C3607898&time=1720775249576&url=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A3D8485B890246C384F27A30ECCB6186 Ref B: MIL30EDGE1112 Ref C: 2024-07-12T09:07:29Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYdCTV/oNXexC/p9vRSGg==
x-fs-uuid: 00061d09357fa0d5dec42fe9f6f4521a

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=32136%2C3607898&time=1720775249576&url=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=32136%2C3607898&time=1720775249576&url=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&e_ipv6=AQLvPjPk07KpGAAAAZCmMo9Qy7rSKQ...

0
268 B

224ms
165ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=32136%2C3607898&time=1720775249576&url=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&e_ipv6=AQLvPjPk07KpGAAAAZCmMo9Qy7rSKQao3Ui2JTWv_RQF_kmAGtnCzx_IUa6FwExkomj10g
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0B6674605D464ECDBAAC4E3344D791E1 Ref B: MRS20EDGE0207 Ref C: 2024-07-12T09:07:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYdCTWDZH27HFJm+0Rg+A==

Redirect headers

date: Fri, 12 Jul 2024 09:07:29 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 30B8DE9E428E4A73A38B28BC6597743A Ref B: MIL30EDGE1010 Ref C: 2024-07-12T09:07:29Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=32136%2C3607898&time=1720775249576&url=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&e_ipv6=AQLvPjPk07KpGAAAAZCmMo9Qy7rSKQao3Ui2JTWv_RQF_kmAGtnCzx_IUa6FwExkomj10g
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYdCTV/tOu7pBbfBWjfPg==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
624 B 296ms
215ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 96D3779C35AB4DA9BE0C8BDC908EB150 Ref B: MIL30EDGE1010 Ref C: 2024-07-12T09:07:29Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
access-control-allow-origin: https://blog.morphisec.com
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYdCTV/6qqkl35T6tnAlA==

GET
H2 200 885880844953016 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 31ms
28ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/885880844953016?v=2.9.161&r=stable&domain=blog.morphisec.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a315b4d2ab322e795e09f334f3278fac7b25272a8dd28887f24ed2036ede8e65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jul 2024 09:07:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14009
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=66, mss=1297, tbw=66314, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 5naCRQ3Xd+EPglXPQzxZ+cIYA5n6teFaSHATRMLtwcTcYgopLslA6gKP9lkPUvBPDjl/O+ozemwOBaEcnBEimw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
886 B 175ms
146ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1393b979-9291-48b1-a018-a8cd68af9478
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1393b979-9291-48b1-a018-a8cd68af9478
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-lh447
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8a1fe21e5caf4c5c-MXP

GET
H3 200 cta-loaded.js Show response
blog.morphisec.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 204ms
202ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=1534169&pg=d4f17ebf-d8a2-49c3-9bca-a8f8112b45f3&lt=1720775249180&dt=1720775249181&at=1720775249645&an=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 500e9e0b-ed74-47b6-bd48-712f84d5368f
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 500e9e0b-ed74-47b6-bd48-712f84d5368f
last-modified: Fri, 12 Jul 2024 09:07:29 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKr%2FjykiYnYL8TH7CvuUGbG2bpA55I3r5oBN6BNWGDMAXc8%2F5JcdYQuZ7inms8dB1fSqOFe6aIi%2FIG27u3cgQIu7AYZx%2FdfAou8iHVxq1DykS9BxBJDEPnzKgu9BwQwpdVCPaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-hlwff
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21e5bc95268-MXP
x-robots-tag: noindex, follow

GET
H3 200 cta-loaded.js Show response
blog.morphisec.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 398ms
397ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=1534169&pg=d4f17ebf-d8a2-49c3-9bca-a8f8112b45f3&lt=1720775249180&dt=1720775249181&at=1720775249646&an=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2428fe38-4947-49ae-acdb-d0091a8b9174
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2428fe38-4947-49ae-acdb-d0091a8b9174
last-modified: Fri, 12 Jul 2024 09:07:30 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgaXU%2FR8hyreEHgjUUKrfE3P9VZ7kZkgrfD0oG2A7RLtI1rpafFaicBLgucgrOI3iXhmr6nOEPfKVMXzKvV4iiuJICBHBsCIQK8xJyB8etsQg2ESsg0LY4JUeFVv2fBQUtqyOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-ptpxr
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21e5bcb5268-MXP
x-robots-tag: noindex, follow

GET
H3 200 cta-loaded.js Show response
blog.morphisec.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 205ms
204ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=1534169&pg=e098d357-1710-4cfe-8901-19c93de122f4&lt=1720775249202&dt=1720775249202&at=1720775249647&an=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 863010fe-86ee-4a08-86a6-08ef58bd8c96
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 863010fe-86ee-4a08-86a6-08ef58bd8c96
last-modified: Fri, 12 Jul 2024 09:07:29 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KitlgIhVfgXfJpc32F4YrRqXIqsLmjMCvbPaQhu71b5%2FKKu0ovrtnDAhzjV6hH9CenZ2pS1HKWZ%2FxhOpuHTYv5ADY1aM54kp%2FYx3Q63d4yg9oSQnO3uFLej%2Fr00onRLhC4CHcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-5974s
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21e5bcd5268-MXP
x-robots-tag: noindex, follow

GET
H3 200 cta-loaded.js Show response
blog.morphisec.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 205ms
204ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=1534169&pg=3c83d6d5-0c56-47b7-8aee-ae6edf73c360&lt=1720775249180&dt=1720775249181&at=1720775249648&an=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d6d93e96-404e-4f53-bee6-b068af3b7f23
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d6d93e96-404e-4f53-bee6-b068af3b7f23
last-modified: Fri, 12 Jul 2024 09:07:29 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MBMo9%2BzNPNJzELpeRaJ50nOfb5fmTdrVxABbVzFJD8Lesd9nJ41b5qi6vMuF3eATjmFHOx7dGXKfB5w%2BEWoJ%2FyTDKbeKbgaCReMbMuzZOIWbO2lsHva9O0c3SKZfOBjI8Q6bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-x87g5
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21e5bd05268-MXP
x-robots-tag: noindex, follow

GET
H3 200 cta-loaded.js Show response
blog.morphisec.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 196ms
195ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=1534169&pg=c0c8d819-c7bc-43c9-a80b-7db9c88cd5ab&lt=1720775249201&dt=1720775249201&at=1720775249649&an=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 23e96335-41e1-4cb8-84e7-430ac7c593a6
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 23e96335-41e1-4cb8-84e7-430ac7c593a6
last-modified: Fri, 12 Jul 2024 09:07:29 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zK4Gy%2FhoNOsL1BOcAjqbEwj2QcT5XCpzew4CnF9qdssOiLXloJE7qQPMYRVjYdjQ184A%2Fj2NtG52q32CU0CnlCMvyB6RHbXKPAay7qjRT21qj5Kbc7INUn2PjiIMJgyUpbk0%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-9q8fv
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21e5bd45268-MXP
x-robots-tag: noindex, follow

GET
H3 200 cta-loaded.js Show response
blog.morphisec.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 390ms
383ms Script
application/javascript 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=1534169&pg=c9a3865e-2993-4f6e-b357-de969e5176a5&lt=1720775249177&dt=1720775249178&at=1720775249650&an=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 27b9feb8-5d96-4a60-bae9-0ebc9fe6d2f4
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 27b9feb8-5d96-4a60-bae9-0ebc9fe6d2f4
last-modified: Fri, 12 Jul 2024 09:07:30 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wO7W%2BUVMH8sy6DsdhkwjrZyWHR6GKJ7KVquLpkm%2BIaohmCSpYLaa2My2pbz%2F4iSNvwua3bDmjfREgi8wvxA8waVUrE%2FF3jlBBwHfNcH9g2lhql3NLcFZVoZfJvbXpdMYf7NyJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-xtlwj
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8a1fe21e6bec5268-MXP
x-robots-tag: noindex, follow

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
892 B 172ms
165ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 93b1ae5f-c2a0-483e-b912-8f3efa6b4326
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 93b1ae5f-c2a0-483e-b912-8f3efa6b4326
last-modified: Fri, 12 Jul 2024 09:07:29 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-gqvlc
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a1fe21e6cd54c5c-MXP

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
891 B 169ms
162ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cd2cc7de-2600-4197-997e-52617f34a5de
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cd2cc7de-2600-4197-997e-52617f34a5de
last-modified: Fri, 12 Jul 2024 09:07:29 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-gqvsp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a1fe21e6cd84c5c-MXP

GET
H3 200 CYBER%20RESILIENCY-280x280%D6%B9_v1.1.png
www.morphisec.com/hs-fs/hubfs/ 67 KB
68 KB 69ms
64ms Image
image/webp 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.morphisec.com/hs-fs/hubfs/CYBER%20RESILIENCY-280x280%D6%B9_v1.1.png?height=280&width=280

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c66f537de497e2306014e30c269b7d65e0671eec4b25e53120de90d627100f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ec6f32a0d1c5fef22993e49d055871c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-171610370224,P-1534169,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 68558
cf-resized: internal=ok/h q=0 n=23+0 c=2+201 v=2024.6.0 l=68558
last-modified: Fri, 28 Jun 2024 20:35:53 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfxjpKy-LQDu2K5cATPBvf7WurkryKNOHkFkb-FTMTDQ:a015821c789fe4047a66a1cb79283ff8"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAFVsxOcFOo6BY0sl48PCezAzEN8cnfo6yF9kcDJOnhxpNTd0piBkZ6gMycI0KgOeY9HG%2Bj7NlcPLbqHf5Y6%2B9UvElo64Z9hgiqWOqs3H1iON8l6TJjdDj%2FAOL70%2F23N2S9g"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8a1fe21e6ca7baff-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H2 200 a8b85f6e-5b92-440b-9490-8f52fe151636.png
1534169.fs1.hubspotusercontent-na1.net/hubfs/1534169/hub_generated/resized/ 42 KB
43 KB 125ms
82ms Image
image/png 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1534169.fs1.hubspotusercontent-na1.net/hubfs/1534169/hub_generated/resized/a8b85f6e-5b92-440b-9490-8f52fe151636.png
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60bd6bad64c21fc8b1d3f6bf3fa261780974e6b0489a67a1d02db33fb4c9b7b6

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-cache-tag: P-1534169,FLS-ALL
age: 0
x-amz-request-id: HV4W7YQX6F62YBQA
x-amz-server-side-encryption: AES256
edge-cache-tag: P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "52f2133547882c1af4bd99b776191ea7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1704491705781
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
via: 1.1 71d15e4317f9ba4644f6c17f42ef94c8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: aXW8S0NNcXgP1skXixHskKHTqJIbr4lJ
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 42909
x-amz-id-2: PcGEydse33tFRV7s87L9SUKbfXs4yy/Q85o9E2/tiGYqweTDkYyVADvF9fVObxQqI6w5oxHE59XFI7XJWtMgl/fOHoQbgmgz8QHxFS9a0yY=
last-modified: Fri, 05 Jan 2024 21:55:06 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8a1fe21ea88fbac1-MXP
timing-allow-origin: 1534169.fs1.hubspotusercontent-na1.net
x-amz-cf-id: WmyZVXnvX-qGzmydSpbfOi9K-hFQnuoKHstgS-45RoRibmOPp0Fqtw==

GET
H3 200 arrow-white-1.svg
www.morphisec.com/hubfs/ 393 B
2 KB 109ms
106ms Image
image/svg+xml 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.morphisec.com/hubfs/arrow-white-1.svg

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/hs-fs/hub/1534169/hub_generated/module_assets/109590708858/1718666705155/module_109590708858_Header_-_Global.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f04b9db4570a8f016c3b42727fd56b2e8779876c8f6ee5fdcfabb4df25eb48b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109682673984,P-1534169,FLS-ALL
age: 218006
x-amz-request-id: DCXQRDBX650M0C1A
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109682673984,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"f6b8983a7a9f44be13760be2a7d47927"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680712961922
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 be8ca88bcfbe9f1ac2e2b6bb9e74f1d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ZWYxcYkJ3fJQSXhQh1nDTahxfuzH5ivg
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109682673984,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uqhICnCN3PSLnIi/A4XgTW3KYnd47mMi839Yau/DpuaMjkOS5Kc8iu+dbWzO5sd9EPh3h64cZiA=
last-modified: Wed, 05 Apr 2023 16:42:42 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzXVcFOcYx34RevnTwvHT0NgJlVnib3ll1bKDwlu8JQrtcf84TtCVSya1mjyTvVd2rMOjW7Xstj3%2FpxkrlH5MgMRf4y%2BdwEmqr6R1cN6MoUgFLgxSvEOoYnV%2BLh6uCewZJDC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21e6ca8baff-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: pUSfwgumUXhT3FEsmW4KdrVFj84cFdLIhPGuBTzRRDBxj1QYvhsjnw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
98 KB 50ms
49ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4GZ4VXKYJ8&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cfb11726b4d8692159323348253330777ef8b869bf408fbd7d0c31423ea76954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 09:07:29 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 133 B
454 B 146ms
144ms XHR
application/json 2606:4700::6810:6bfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=1534169&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fbec94ad9621a43267c401bb53db7e0605c1a5fb4b666a613356bee7cb84d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c88ac3bc-9b7f-4d35-92bd-aa013508c511
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c88ac3bc-9b7f-4d35-92bd-aa013508c511
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.morphisec.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-fvpqg
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8a1fe21ebf34bafa-MXP

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
852 B 148ms
147ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9249ebdb-ae47-4571-830b-73adf91cd901
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9249ebdb-ae47-4571-830b-73adf91cd901
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-9q8fv
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8a1fe21ecd824c5c-MXP

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 114 B
1 KB 227ms
175ms XHR
application/json 2606:4700::6812:f26c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=1534169

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f26c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf1cb8930dbca6515121d94c81df4c6b2567c5021435ab4ac683abfc51768ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 018188fc-d1e5-499b-bdbd-e6b3c68b63da
content-encoding: br
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 018188fc-d1e5-499b-bdbd-e6b3c68b63da
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.morphisec.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-25btk
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbDi6VNX3UGdZL%2BVGB7V4sIIGUT1WRCBQjtv7PekRvQjJXkvH3kq6Feeugn7b4cQ2XH55wfw1zL4WtoWPUvJvkEA9Pzs001BxaZL6DOVNOFy4ULQ14%2BDuh%2Bh4onfpcr3MPJKK9QXUbJitd0T"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a1fe21f2a1a4c61-MXP
access-control-allow-headers: *

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 108 B
1 KB 139ms
138ms Fetch
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=1534169&currentUrl=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&contentId=162037724749

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 49cedf1e-3ff5-4bfe-8079-e52d6c1806ee
content-encoding: br
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 49cedf1e-3ff5-4bfe-8079-e52d6c1806ee
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.morphisec.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Th1T6n0q89rY%2FZAnLo4dCEYpN238T3NkOCvWzr1SUDQwWMhnh4brylMMljuIFe5sFvvl7%2F9xaqM4Zx9GkbgpNe18m4kUDWJpbIagGslgDDFC1QJHpLx9oJvnn3DO73%2FS%2Fg2GGLSiU0o5d4jbfUQpqaTNuIne%2FEhZxys%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8a1fe21ed96a4be4-MXP
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-fr5m6

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_5fe48b59baf6bb406e34c9012803b845/ 0
21 B 342ms
272ms Script
application/javascript 3.127.196.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_5fe48b59baf6bb406e34c9012803b845/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_5fe48b59baf6bb406e34c9012803b845/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-196-46.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
content-length: 0

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_5fe48b59baf6bb406e34c9012803b845/ 168 KB
45 KB 308ms
239ms Script
application/javascript 3.127.196.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_5fe48b59baf6bb406e34c9012803b845/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_5fe48b59baf6bb406e34c9012803b845/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-196-46.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

e87be82092a8e1a5544ef566ba1a636162eecb31e33095c6f17eb06c87cc2efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 404 forms.js
x.clearbitjs.com/v1/pk_5fe48b59baf6bb406e34c9012803b845/ 0
0 251ms
195ms Script
application/javascript 3.127.196.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v1/pk_5fe48b59baf6bb406e34c9012803b845/forms.js?page_path=%2Fmispadu-infiltration-beyond-latam

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_5fe48b59baf6bb406e34c9012803b845/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-196-46.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
content-length: 0
content-type: application/javascript;charset=utf-8

POST
H2 200 verify Show response
snid.snitcher.com/ 6 B
148 B 196ms
195ms XHR
application/json 18.184.15.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snid.snitcher.com/verify
Requested by: Host: snid.snitcher.com
URL: https://snid.snitcher.com/8424750.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.15.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-15-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d9ea8a8cab935e18796b1a064b1644c0f5db2d967a60e5f7cb8b37066b2399a4

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 12 Jul 2024 09:07:30 GMT
cache-control: no-cache, private
content-length: 6
apigw-requestid: ayrM2g-NliAEJag=
content-type: application/json

OPTIONS
H2 204 verify
snid.snitcher.com/ Frame 0
0 123ms
57ms Preflight 18.184.15.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snid.snitcher.com/verify
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.15.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-15-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://blog.morphisec.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: ayrM1i6dliAEJ-Q=
cache-control: no-cache, private
date: Fri, 12 Jul 2024 09:07:29 GMT
vary: Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 108ms
33ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=885880844953016&ev=PageView&dl=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&rl=&if=false&ts=1720775249781&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720775249779.428959315629149563&cs_est=true&ler=empty&cdl=API_unavailable&it=1720775249596&coo=false&rqm=GET

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1297, tbw=2837, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 Jul 2024 09:07:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 274ms
202ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=885880844953016&ev=PageView&dl=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&rl=&if=false&ts=1720775249781&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720775249779.428959315629149563&cs_est=true&ler=empty&cdl=API_unavailable&it=1720775249596&coo=false&rqm=FGET

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2090aa17e1215216","source_keys":["1","2"]},{"key_piece":"0xf39227e9b08ad876","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 12 Jul 2024 09:07:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7390673418221812223", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=14, mss=1297, tbw=3155, tp=-1, tpl=-1, uplat=163, ullat=0
pragma: no-cache
x-fb-debug: 1IX6bQCrjw8GqSHycwBktWh35LClBCRTrLs8gCcuOWxLnAMOO+EbGfhrmNgx07m0/nKnNqcy+yHJ971NcRA72Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7390673418221812223"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 40ms
38ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4GZ4VXKYJ8&gtm=45je4790v9136559716za200&_p=1720775249006&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&ul=it-it&sr=1600x1200&cid=1543411705.1720775249&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&dt=Breaking%20Boundaries%3A%20Mispadu%27s%20Infiltration%20Beyond%20LATAM&sid=1720775249&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1225&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4GZ4VXKYJ8&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.morphisec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 40ms
38ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-4GZ4VXKYJ8&cid=1543411705.1720775249&gtm=45je4790v9136559716za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4GZ4VXKYJ8&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.morphisec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
107 B 51ms
50ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-4GZ4VXKYJ8&cid=1543411705.1720775249&gtm=45je4790v9136559716za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3&npa=1&frm=0&z=681148838

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
467 B 120ms
118ms XHR
application/json 54.144.102.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.144.102.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-102-7.compute-1.amazonaws.com

Software

Resource Hash

68d652ff149ffaadd7e2e63b2584fbd221ced271b351ad11befceca5a16e3e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.morphisec.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 73ee692d902a808d79d0c78f2366411c

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
539 B 162ms
161ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: fd12e8c8-0d2e-4132-983e-d5ca77592136
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fd12e8c8-0d2e-4132-983e-d5ca77592136
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-fr5m6
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8a1fe21faf2c4c5c-MXP

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
581 B 156ms
155ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5e5fd906-ac44-47f9-9289-b0605136324d
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5e5fd906-ac44-47f9-9289-b0605136324d
last-modified: Fri, 12 Jul 2024 09:07:30 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-gqvlc
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a1fe21fcf624c5c-MXP

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 18ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF9) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 09:07:29 GMT
Content-Encoding: gzip
Age: 9443092
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (mil/6CF9)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame A12B 0
0 24ms
24ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF5) /
Resource Hash

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 9443088
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12332
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Jul 2024 09:07:29 GMT
Etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF5)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
292 B 206ms
142ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22morphisec%22%2C%22widget_creator_screen_name%22%3A%22osipov_ar%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1720775249924%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=573a4213d95e6f25763cd5fccf88b1ae8d60e740

Requested by

Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 111
date: Fri, 12 Jul 2024 09:07:29 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 12 Jul 2024 09:07:30 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: dae83dd6cf99c9c9
cache-control: must-revalidate, max-age=600
perf: 7402827104
x-connection-hash: 23c976f68fa282b42306c4ccf2e5cf0e50a93262679517a89baa076e6c9522f8
content-length: 43

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
0 0ms
0ms Script
application/javascript 2a02:26f0:e300::5f64:9252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300::5f64:9252 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 09:19:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=37360
accept-ranges: bytes
content-length: 14011

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 328ms
261ms XHR
application/json 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_5fe48b59baf6bb406e34c9012803b845/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jul 2024 09:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Origin
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://blog.morphisec.com
access-control-expose-headers
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
content-type: application/json

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
551 B 169ms
167ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=3571879071&v=1.1&a=1534169&pi=162037724749&ct=blog-post&ccu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&cpi=162037724749&cgi=3742504875&lpi=162037724749&lvi=162037724749&lvc=en-us&pu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&t=Breaking+Boundaries%3A+Mispadu%27s+Infiltration+Beyond+LATAM&cts=1720775250140&vi=0a157dc9b1b15ff390187c3e357e7a11&nc=true&u=182053752.0a157dc9b1b15ff390187c3e357e7a11.1720775250137.1720775250137.1720775250137.1&b=182053752.1.1720775250137&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6147f443-dbb8-4b36-a841-07d3c38c2702
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6147f443-dbb8-4b36-a841-07d3c38c2702
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qomKk6Tb93WI2%2Fi3zc0bwPLWvxYm%2FkbqkrVRCluD6%2FkGFNaO%2F%2B%2BZTJ2LuTQwMWm%2BqkU7gcRB8u8jrnUFUb8LyMkn%2BGuMF8zdZ%2B8IRnVqH76sylHM4QHYr4d62pRFPPqJD%2B267It2t5hXtDkM7LQB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-nxqrk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a1fe2217dec4c66-MXP
x-robots-tag: none

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
581 B 151ms
150ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ae5c302c-17f2-48ff-b049-6e0594e2f3d8
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ae5c302c-17f2-48ff-b049-6e0594e2f3d8
last-modified: Fri, 12 Jul 2024 09:07:30 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-6lppp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a1fe2217a534c5c-MXP

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
458 B 164ms
163ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=37b11fda-a2aa-4805-9c0e-bae8eaccd6b7&fci=737602eb-541a-404e-936a-0fe2b5d163c3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=3571879071&v=1.1&a=1534169&pi=162037724749&ct=blog-post&ccu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&cpi=162037724749&cgi=3742504875&lpi=162037724749&lvi=162037724749&lvc=en-us&pu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&t=Breaking+Boundaries%3A+Mispadu%27s+Infiltration+Beyond+LATAM&cts=1720775250144&vi=0a157dc9b1b15ff390187c3e357e7a11&nc=true&u=182053752.0a157dc9b1b15ff390187c3e357e7a11.1720775250137.1720775250137.1720775250137.1&b=182053752.1.1720775250137&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 530468f0-bc8b-4902-83a2-d293fad80c7a
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 530468f0-bc8b-4902-83a2-d293fad80c7a
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2F0xpPoaZzpWP4e%2BOY1YCCt679bbN26LISANMvYVobzaHyoprOkdz%2FoWwhn0noWA4cgq0R2xreMDQFCIGIILSNLq3kuQcOzwkCwoLbZ%2FEbWrc0moqLEwm04%2FPA%2FIr%2B1Is9LkF4ubBcldDxyw%2F6GA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-k7dnw
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a1fe2218dfe4c66-MXP
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
523 B 199ms
198ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=37b11fda-a2aa-4805-9c0e-bae8eaccd6b7&fci=737602eb-541a-404e-936a-0fe2b5d163c3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=3571879071&v=1.1&a=1534169&pi=162037724749&ct=blog-post&ccu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&cpi=162037724749&cgi=3742504875&lpi=162037724749&lvi=162037724749&lvc=en-us&pu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&t=Breaking+Boundaries%3A+Mispadu%27s+Infiltration+Beyond+LATAM&cts=1720775250147&vi=0a157dc9b1b15ff390187c3e357e7a11&nc=true&u=182053752.0a157dc9b1b15ff390187c3e357e7a11.1720775250137.1720775250137.1720775250137.1&b=182053752.1.1720775250137&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a79b5eaf-6e05-4c58-ad1f-ea4d86de6dcb
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 15
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a79b5eaf-6e05-4c58-ad1f-ea4d86de6dcb
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHq7rtuJGFxefOuGrjvZNbVxIxFo2VKxmJf0xZW9eNCzt%2Be2%2BTWk4d3HfH%2B7qdicITUWJQElrc3ILELpZGjxtsYEztaEWl3tt5ArI5crqiQCKeYm0Qksw%2B%2FIOZXjRVyvHBYoKcwpx5924V4O3fdN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-pkwbj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a1fe2218e024c66-MXP
x-robots-tag: none

GET
H2 200 share_button.php
www.facebook.com/v3.0/plugins/ Frame 9DE8 0
0 151ms
86ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ae9c0dbf327b1e5%26domain%3Dblog.morphisec.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.morphisec.com%252Ff50e4a87b11b09096%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&layout=button_count&locale=en_US&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=59b356f083b07ed1c91ccbee1e987093

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 09:07:30 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7390673422599385402"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7390673422599385402", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1297, tbw=2779, tp=-1, tpl=-1, uplat=55, ullat=0
x-fb-debug: JssZID+zdh6YICS0BkosrUlYNjGVo7jgHxcgPsBlUOEJkz7X6VgNOW1Nd/gdSrYM3fotNNUYp5iTzpVuJEn29Q==
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
463 B 177ms
175ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22d4f17ebf-d8a2-49c3-9bca-a8f8112b45f3%22%2C%22c5b10fd2-1f83-4c8f-b33b-106296dbd6da%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=3571879071&v=1.1&a=1534169&pi=162037724749&ct=blog-post&ccu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&cpi=162037724749&cgi=3742504875&lpi=162037724749&lvi=162037724749&lvc=en-us&pu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&t=Breaking+Boundaries%3A+Mispadu%27s+Infiltration+Beyond+LATAM&cts=1720775250142&vi=0a157dc9b1b15ff390187c3e357e7a11&nc=true&u=182053752.0a157dc9b1b15ff390187c3e357e7a11.1720775250137.1720775250137.1720775250137.1&b=182053752.1.1720775250137&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d91f13f2-fc58-4b80-a0a8-3e184a4bf63d
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 10
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d91f13f2-fc58-4b80-a0a8-3e184a4bf63d
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGgzxptRggailABShT861edy%2FPOJx8QI2IfHPv6EpHUogfi5Z9wVQ6vg3DKqf%2FmVXIb59qTA3DkAcY6qPonOuRHTm4pRuRH9vPf3K%2F%2Bts67YTr%2F8hwJW01OHzW2UgbXEjetIH0mrASE3CzwiYiTa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-rt7tr
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a1fe221ae484c66-MXP
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
602 B 193ms
192ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22e098d357-1710-4cfe-8901-19c93de122f4%22%2C%22f5374243-2466-4afb-8700-3d366c63bdf6%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=3571879071&v=1.1&a=1534169&pi=162037724749&ct=blog-post&ccu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&cpi=162037724749&cgi=3742504875&lpi=162037724749&lvi=162037724749&lvc=en-us&pu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&t=Breaking+Boundaries%3A+Mispadu%27s+Infiltration+Beyond+LATAM&cts=1720775250143&vi=0a157dc9b1b15ff390187c3e357e7a11&nc=true&u=182053752.0a157dc9b1b15ff390187c3e357e7a11.1720775250137.1720775250137.1720775250137.1&b=182053752.1.1720775250137&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: fa434beb-78c4-4d42-af55-b1f754fe1eae
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fa434beb-78c4-4d42-af55-b1f754fe1eae
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuYw7OPTaFZlbyM7nWLHWRPOjQC780uvQNjKXipYS%2Fpeb1sX0JYTX4X8K63BiQyxhRkbO1DcfoT2gGy7ZIawsKHE67CxP1f1GHE1eGHW6lgNVyKDWDDdPwb6fhmroRU7XbxCQ2rGRd7aBt5f5GPd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-vtjjp
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a1fe221ae4b4c66-MXP
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
565 B 163ms
163ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%223c83d6d5-0c56-47b7-8aee-ae6edf73c360%22%2C%2264affa5c-d696-47c5-9e88-09336d256046%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=3571879071&v=1.1&a=1534169&pi=162037724749&ct=blog-post&ccu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&cpi=162037724749&cgi=3742504875&lpi=162037724749&lvi=162037724749&lvc=en-us&pu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&t=Breaking+Boundaries%3A+Mispadu%27s+Infiltration+Beyond+LATAM&cts=1720775250143&vi=0a157dc9b1b15ff390187c3e357e7a11&nc=true&u=182053752.0a157dc9b1b15ff390187c3e357e7a11.1720775250137.1720775250137.1720775250137.1&b=182053752.1.1720775250137&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6860b4fe-300a-430a-90d3-7e8f2bc3d9aa
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 18
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6860b4fe-300a-430a-90d3-7e8f2bc3d9aa
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61rh81O3qWZXOLL4MRvwA4OCrzy%2BQIaXlr3zYrlVlStMnLXM5wojJEyicTjyBbuFruQCQ5KzdqLehDXn0mJrwFH%2FlLZPHKPgYyY6P0Fi9DG4CbjAGS7ln8PDBVjt5d2ON%2FkonkvrERelz5fp5Q4z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-2vxt5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a1fe221ae4d4c66-MXP
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 3 KB
2 KB 150ms
149ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1534169&utk=0a157dc9b1b15ff390187c3e357e7a11&__hstc=182053752.0a157dc9b1b15ff390187c3e357e7a11.1720775250137.1720775250137.1720775250137.1&__hssc=182053752.1.1720775250137&contentId=162037724749&currentUrl=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d045f29d7d10bab6e77d9b00adc4ac3f5a4d4cb9655bb920fd79f539a18bb58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a6618e73-030e-4610-868a-01b18461ac0b
x-envoy-upstream-service-time: 17
content-length: 1067
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a6618e73-030e-4610-868a-01b18461ac0b
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.morphisec.com
x-evy-trace-virtual-host: all
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-njspp
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoonW7d7Jjv%2Bb6dqo8vH%2BtnUYdoT3o5Uq1%2BTY7Eor0NOT3TfXLtsFxOx5R3M1IbyCHzOBLIZeNP2XWwsbJINc6HFSwsVWvJsnSenTYQ2j%2FfMtTjJJ91TqNufBFup8EWSPh4FqsOCD1rVRDHGOeY%2F"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8a1fe221ee754be4-MXP

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 301 KB
60 KB 100ms
36ms Script
application/javascript 2600:9000:275b:a600:2:7dc7:8f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: blog.morphisec.com
URL: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a600:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4970f378f1665647dc9c31f8e1f627491d30ed71c3f4e853beb67ca8553a87e6

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 13:00:43 GMT
content-encoding: gzip
via: 1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jul 2024 06:52:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 72409
x-amz-server-side-encryption: AES256
etag: "61d08c244d2eb486b9afc6191bb15afe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 61219
x-amz-cf-id: 9vDpQEhi6ojAvMjWbheDo_RtizxuYomviHB3XbeLWk9TOdFdHkvs0w==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
453 B 173ms
172ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=793c7b55-5354-40a5-a09f-5c8f3e0c1a23&lfi=147151&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=3571879071&v=1.1&a=1534169&pi=162037724749&ct=blog-post&ccu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&cpi=162037724749&cgi=3742504875&lpi=162037724749&lvi=162037724749&lvc=en-us&pu=https%3A%2F%2Fblog.morphisec.com%2Fmispadu-infiltration-beyond-latam&t=Breaking+Boundaries%3A+Mispadu%27s+Infiltration+Beyond+LATAM&cts=1720775250370&vi=0a157dc9b1b15ff390187c3e357e7a11&nc=true&u=182053752.0a157dc9b1b15ff390187c3e357e7a11.1720775250137.1720775250137.1720775250137.1&b=182053752.1.1720775250137&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 09:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f31e0b9a-696a-4fe1-a96d-41750499abff
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f31e0b9a-696a-4fe1-a96d-41750499abff
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bcC2oFgCA6eaA54x6kXuxuckTtUn6SsyPKJLBWFOfaRoHqMu02uViiVWzpRnGZPTVw5oubkvyJL1xAzGqnRS0aG6lf5SL3YgRm1ZubkPnDRBb8RUB9ZHR7BG5vCjda6FBKSTj4XZF6%2BBpTckwKmD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-mn8fn
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a1fe222d8864c66-MXP
x-robots-tag: none

GET
H2 200 2552 Show response
trackingapi.trendemon.com/api/settings/ 642 B
781 B 352ms
121ms Script
application/x-javascript 52.55.22.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/2552?callback=jsonp167162&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.22.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-22-184.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: af5ac144e175f6605a8b689e2197efe3f8261ec1b22a68fe8704429ef07fbb41

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:30 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 642
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 identity.min.js Show response
assets.trendemon.com/global/ 18 KB
6 KB 30ms
29ms Script
application/javascript 2600:9000:275b:a600:2:7dc7:8f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/global/identity.min.js
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a600:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:12:12 GMT
content-encoding: gzip
via: 1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jul 2024 06:52:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 7626
x-amz-server-side-encryption: AES256
etag: W/"3f44b799c727cbac65d90f0779b8eb4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VnwyhjBcnUel4qkIcrKkLTmTFG1Gl-7msbl1ox3TIdhPwit-_VJrrA==

GET
H2 200 me Show response
trackingapi.trendemon.com/api/Identity/ 95 B
508 B 116ms
116ms Script
application/x-javascript 52.55.22.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/Identity/me?accountId=2552&DomainCookie=17207752508160355&fingerPrint=45e8ea42cc5ccfb9c142d7f759936bf1&callback=jsonp829708&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.22.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-22-184.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: cec8f2656b32d3cc8cb3b7142df0279bfff65551a3889bbac0dcece6bbc4c97d

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:30 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 95
content-type: application/x-javascript; charset=UTF-8

GET
H3 200 favicon.png
blog.morphisec.com/hubfs/ 6 KB
7 KB 95ms
94ms Other
image/webp 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.morphisec.com/hubfs/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b4725e42948eeab21e8cf6f0affb63ebc065012b4c7dff779e428ebd33a814

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-3821681143,P-1534169,FLS-ALL
age: 230395
x-amz-request-id: 23CXFM8ES24HAXJ9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-3821681143,P-1534169,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="favicon.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
cf-bgj: imgq:85,h2pri
etag: "ea24d021ea3624ea4b240968cf888698"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1453980185925
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 12 Jul 2024 09:07:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Cnv3wBnNrZaYmPSr18E5pTmPg2lCgt7t
x-amz-cf-pop: ZRH50-C1
cf-polished: origFmt=png, origSize=8707
x-cache: RefreshHit from cloudfront
cache-tag: F-3821681143,P-1534169,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 5908
x-amz-id-2: zwjrMRx9KHyARvpV0HYRA21QGPScAkfn7E1mHEq5RSY3M6kd8UR8iIcE7FpjdaZxQCVWkJ3DJLE=
last-modified: Wed, 03 Apr 2024 17:46:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mp4aGI9dDSY3cut%2BIm35m0B16GhnVCQXW%2BQnjpo8j%2Fh%2Blk5yutZkX05cze7rNw%2F5xJZpBKZXU%2FRhxZQUi6ZG9nxnZ6q7FEldLNQrhLFE1u9LeAJXRtCdQu0ZlE6LRtYk%2Fbj%2FKA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a1fe2265a2e5268-MXP
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: bSdc0kKURWZFMkkK59uvDubq32NNP2ukhyH_0gjGQRBnbAz0QFqylw==

GET
H2 200 marketingautomation Show response
trackingapi.trendemon.com/api/ 95 B
232 B 120ms
120ms Script
application/x-javascript 52.55.22.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/marketingautomation?AccountId=2552&ClientUrl=aHR0cHM6Ly9ibG9nLm1vcnBoaXNlYy5jb20vbWlzcGFkdS1pbmZpbHRyYXRpb24tYmV5b25kLWxhdGFt&CookieId=17207752508160355&MaCookie=MGExNTdkYzliMWIxNWZmMzkwMTg3YzNlMzU3ZTdhMTE%3D&MaCookieName=aHVic3BvdHV0aw%3D%3D&MaName=hubspot&callback=jsonp293193&vid=2552:17207752502208862
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.22.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-22-184.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 30766fa2effc10ef57c6e752c336cf2a51abc24b24bc9939dbc02eb8fa5b7890

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:31 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 95
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 pageview
trackingapi.trendemon.com/api/events/ 43 B
234 B 124ms
124ms Image
image/gif 52.55.22.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/pageview?accountId=2552&url=aHR0cHM6Ly9ibG9nLm1vcnBoaXNlYy5jb20vbWlzcGFkdS1pbmZpbHRyYXRpb24tYmV5b25kLWxhdGFt&cookie=17207752508160355&referral=&variant=&otwId=&otwItemId=&streamId=&streamContentId=&vid=2552:17207752502208862&r=1720775251045
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.22.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-22-184.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://blog.morphisec.com/mispadu-infiltration-beyond-latam
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 09:07:31 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lltrck.com
URL: https://lltrck.com/scripts/lt-v3.js?llid=35958

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blog.morphisec.com/	1970-01-20 21:59:37	Name: __cf_bm Value: N3G5cGsB.tiVNbROrvuHmzgaZEuujiA6YyL4Iqs13ws-1720775248-1.0.1.1-_5SO77VkKw1azkpMYE4kujc30qQ_As0W0EZYfo5HMZOcvS6KZAGQ8J_QLuPzIRpiczSpgikUWvqjmjV4sWRUUw
.blog.morphisec.com/	1969-12-31 23:59:59	Name: __cfruid Value: e162d1851d129e81dcb73fa49d70c70c366db7ce-1720775248
.hsforms.net/	1970-01-20 21:59:37	Name: __cf_bm Value: 21XAWUBcj.wUBVC_2GPZpJwWERpRBan0tD3j64w4YZA-1720775249-1.0.1.1-Lox_OGsNZAZCuJ45DLDmoBy8qozPnZnnbOlxpYIyC21Ma1Fv0h9NXA_QG5hw5vRvCwp3MaUYFobeTzsNena5Jg
.morphisec.com/	1970-01-21 00:09:11	Name: _gcl_au Value: 1.1.667919019.1720775249
.www.morphisec.com/	1970-01-20 21:59:37	Name: __cf_bm Value: _zegQh2BsryzWL46Rfko_neKgijnaNtVVe4u_NCvmJs-1720775249-1.0.1.1-l.THZrmxDgRix7YIcxy5QhjFKKHx2VXszFvUR7.JYjdYaoG.X0D3PD2BEYd6b.H1S6frsegWS9a2pIkoW6qQ1w
.www.morphisec.com/	1969-12-31 23:59:59	Name: __cfruid Value: a114897781a219550fbea24f60c28262b1257593-1720775249
.hubspot.com/	1970-01-20 21:59:37	Name: __cf_bm Value: DKZVkyhdpQ09QIUymVWJPr3SF3JqNdC0SLGer.SU2_4-1720775249-1.0.1.1-zajozdViy.1Vl3Qk6HNKtu.B4687tjUndOusjtzV.vgJV8OpqHrHG2BrDlA0NeljOg0bZ4VFf.eFrFs_km_YdQ
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: BQ3McjSLbV5O9INSV5LjbW9bIPpkH7tap6kLATsEN3I-1720775249396-0.0.1.1-604800000
.morphisec.com/	1970-01-21 06:45:11	Name: _hjSessionUser_3506314 Value: eyJpZCI6ImFkMDgxNWZhLTUyMzgtNTc1OS05ODg3LTQ5NTcxZDMyZTYyYyIsImNyZWF0ZWQiOjE3MjA3NzUyNDk0MjQsImV4aXN0aW5nIjpmYWxzZX0=
.morphisec.com/	1970-01-20 21:59:37	Name: _hjSession_3506314 Value: eyJpZCI6Ijg4YjE4NWNlLTI3MzctNGM5YS1hMDNmLWZkMTQ0ZGM2ZWVhZCIsImMiOjE3MjA3NzUyNDk0MjYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.morphisec.com/	1970-01-20 22:01:01	Name: _gid Value: GA1.2.249755182.1720775249
.morphisec.com/	1970-01-20 21:59:35	Name: _gat_UA-60065248-1 Value: 1
.morphisec.com/	1970-01-21 07:35:35	Name: _ga_HFVX4VZHCS Value: GS1.1.1720775249.1.0.1720775249.60.0.0
.morphisec.com/	1970-01-21 07:35:35	Name: _ga Value: GA1.1.1543411705.1720775249
.morphisec.com/	1970-01-21 07:35:35	Name: _ga_QY7QHR57BF Value: GS1.1.1720775249.1.0.1720775249.60.0.0
snid.snitcher.com/	1970-01-21 07:35:35	Name: SNID Value: eyJpdiI6ImJKMFpRVmZEdkZWbWRBZEMyekh0U3c9PSIsInZhbHVlIjoiSGxYSE1udHZlcU41UU1XaXJoaUMzUUtYZXhwSXdneGR2UjZrYjM0eUowTHU5SHdtSndPemFiZ1ZhckdlT2phckJjUU8zay9HcmlqRHlhQldlTTRWWUxCZnROa3dnaVhtSnNNY0JKNnlLOEF5UDFnbkxaNUtWNnZsVGxpSDZvUXUiLCJtYWMiOiIzNDA5ZmNmMTg4YTQ5ZjRiNjlmOGU3ZjhkMTk1MWQ2OTFkZjNlZGNkMDU4ZGExNGIxZDU2YjZiMThmNjY0ZWY3IiwidGFnIjoiIn0%3D
.twitter.com/	1970-01-21 07:35:35	Name: personalization_id Value: "v1_cXesdNtqK9t6h+Q7OLEtYA=="
.morphisec.com/	1970-01-21 00:09:11	Name: _fbp Value: fb.1.1720775249779.428959315629149563
.morphisec.com/	1970-01-21 07:35:35	Name: _ga_4GZ4VXKYJ8 Value: GS1.2.1720775249.1.0.1720775249.60.0.0
blog.morphisec.com/	1970-01-20 22:09:40	Name: slireg Value: https://scout.us2.salesloft.com
.hsforms.com/	1970-01-20 21:59:37	Name: __cf_bm Value: 78lMJDth5Jnr4bbkrpnWEJcTMyNL7tuvTjdkAPKR_8Q-1720775249-1.0.1.1-XAy5jSDRS9ukXfzMNxVAXPS9Cyz5zPnJRrBCzCen8_b2rqWZuMR86GLWfmBeXouYWWRXXsvla0VeXAfpvp4i6Q
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Psfhgq0UZqAGtm1Feun25l6hCRKX1QrEZlbmP8wNJRA-1720775249854-0.0.1.1-604800000
.linkedin.com/	1970-01-21 06:45:11	Name: bcookie Value: "v=2&15464aa2-e4d1-4590-811e-e09d3dca6ce2"
.linkedin.com/	1970-01-21 02:18:47	Name: li_gc Value: MTswOzE3MjA3NzUyNDk7MjswMjGMm8t9Z7xCThkZXPRcZSR3iJVhFQHzjkxYDP4sLnhWqA==
.linkedin.com/	1970-01-20 22:01:01	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3336:u=1:x=1:i=1720775249:t=1720861649:v=2:sig=AQHzWNG6Q1zoUA7bYd8GAd_XProXv5hN"
.t.co/	1970-01-21 07:35:35	Name: muc_ads Value: 782391c0-7a2e-48a5-9a0d-9aa4da5d9e14
blog.morphisec.com/	1970-01-21 06:45:11	Name: sliguid Value: 5b66e5a8-5689-4d20-94af-bb690fb22819
blog.morphisec.com/	1970-01-21 06:45:11	Name: slirequested Value: true
.morphisec.com/	1970-01-21 06:45:11	Name: cb_user_id Value: null
.morphisec.com/	1970-01-21 06:45:11	Name: cb_group_id Value: null
.morphisec.com/	1970-01-21 06:45:11	Name: cb_anonymous_id Value: %222ec20441-ac92-49dd-8452-267b9b5718db%22
.morphisec.com/	1970-01-21 02:18:47	Name: __hstc Value: 182053752.0a157dc9b1b15ff390187c3e357e7a11.1720775250137.1720775250137.1720775250137.1
.morphisec.com/	1970-01-21 02:18:47	Name: hubspotutk Value: 0a157dc9b1b15ff390187c3e357e7a11
.morphisec.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.morphisec.com/	1970-01-20 21:59:37	Name: __hssc Value: 182053752.1.1720775250137
.morphisec.com/	1970-01-21 06:45:11	Name: trd_cid Value: 17207752508160355
trackingapi.trendemon.com/	1970-01-21 07:35:35	Name: trd_gavid_2552 Value: 17207752502208862
trackingapi.trendemon.com/	1970-01-21 07:35:35	Name: trd_gvid Value: 17207752502208862
trackingapi.trendemon.com/	1970-01-21 07:35:35	Name: trd_vid_2552 Value: 2552%3A17207752502208862
.morphisec.com/	1970-01-21 06:45:11	Name: trd_vid_l Value: 2552%3A17207752502208862
.morphisec.com/	1970-01-21 06:45:11	Name: trd_vuid_l Value: -2027767328189456528
.morphisec.com/	1970-01-20 22:00:18	Name: trd_ma_cookie Value: MGExNTdkYzliMWIxNWZmMzkwMTg3YzNlMzU3ZTdhMTE%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://consent.cookiefirst.com/sites/blog.morphisec.com-e09f147d-1c6f-4132-9a2b-2a82974b5289/version.json?v=1720775249121 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://x.clearbitjs.com/v1/pk_5fe48b59baf6bb406e34c9012803b845/forms.js?page_path=%2Fmispadu-infiltration-beyond-latam Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1534169.fs1.hubspotusercontent-na1.net
analytics.twitter.com
api.hubapi.com
app.clearbit.com
app.hubspot.com
assets.trendemon.com
blog.morphisec.com
cdn2.hubspot.net
cdnjs.cloudflare.com
connect.facebook.net
consent.cookiefirst.com
cta-service-cms2.hubspot.com
fonts.googleapis.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
lltrck.com
no-cache.hubspot.com
perf-na1.hsforms.com
perf.hsforms.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
snap.licdn.com
snid.snitcher.com
static.ads-twitter.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
syndication.twitter.com
t.co
tag.clearbitscripts.com
track.hubspot.com
trackingapi.trendemon.com
www.facebook.com
www.google-analytics.com
www.google.it
www.googletagmanager.com
www.morphisec.com
x.clearbitjs.com
lltrck.com
104.17.24.14
104.18.141.119
104.18.80.204
104.18.91.62
104.244.42.131
104.244.42.200
13.107.42.14
13.32.27.107
146.75.120.157
157.240.0.6
18.153.4.44
18.184.15.116
18.66.102.11
199.60.103.225
199.60.103.31
2001:4860:4802:32::178
2001:4860:4802:32::36
216.58.212.168
2400:52e0:1e00::1080:1
2600:9000:2670:f600:7:d7d6:3c40:93a1
2600:9000:275b:a600:2:7dc7:8f00:93a1
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::6812:297c
2606:4700:4400::ac40:991b
2606:4700::6810:4769
2606:4700::6810:6bfe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:a0a8
2606:4700::6811:af5b
2606:4700::6811:df98
2606:4700::6812:8d11
2606:4700::6812:f26c
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2008
2a00:1450:400c:c04::9a
2a02:26f0:e300::5f64:9252
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.127.196.46
52.55.22.184
54.144.102.7
93.184.221.165
1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc
134e6c14db8e795110e5ec270e421c05bfb6b9499353d50003006ca05e7fe928
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1bf1355d69f1910f1542ac3f7303dfbf4d63ba2b64ccfd0fc95dee6fe39ca551
1c5f683908c190d5f9f618337d8d7c586d735f1ace24afdc81208dbf52a5f45c
1d045f29d7d10bab6e77d9b00adc4ac3f5a4d4cb9655bb920fd79f539a18bb58
1fbec94ad9621a43267c401bb53db7e0605c1a5fb4b666a613356bee7cb84d81
200954b04f46184e189e14baf2db33b97d2c10c4aa353af0df78f46c0b963d2e
20cbf0257211c27b38b47a8bcf3f0aa0e9dc4d96e25f714848282096e2e5a040
21b4725e42948eeab21e8cf6f0affb63ebc065012b4c7dff779e428ebd33a814
223ce47ad1f37b0e8d8d12e8333faa417930d86e8a2b69e932364cd4fa725310
265e4bbd1db28d8f58e233e0992fb26719b1226402f84985e269dcd1a3dbb83a
2dc5f87466c5894b8ade72eaf752138710362019b8131e0f71be5664649a6a0c
30766fa2effc10ef57c6e752c336cf2a51abc24b24bc9939dbc02eb8fa5b7890
3437637c88e40ab5f57b1e37129d03ebb7594a6fc8ea56061284c93f8088beb8
356bb4bf2245a68ee5de5732b5574260dd2016a2c3987e17ad97fb2586a883d1
3a4850f556812a808a87669edcc26eecd8abc3e0a35178b57e9049c4271c9117
3c66f537de497e2306014e30c269b7d65e0671eec4b25e53120de90d627100f5
3d0faa1510d3999ee6ce630052e0f8c562acc8b69380ceb4e7f812aaa4c5303f
3fc6f43f8d589a8e68a0242c1b868cc5219f5bd368d1b960af52716a8541dfec
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
401925a1114f7003121630392768d35516be54a4028f01024528aeae99a45a56
40943198e5e26cbcf474c1ed0846442abc4398198117de5251a8840fb421cd13
40b2a62fa46893ec1e11caf8f475d3df6fe70cdfe7e9a4e6315134fe984eefb6
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44bc30322b395963cf09e8fb1bee4d07e58d60599a82c4e821cf89ed36d0b786
46c7b6ee01c236fd8d98d0b7c8f00fba85340c3432932e624d44f7663aef8513
4970f378f1665647dc9c31f8e1f627491d30ed71c3f4e853beb67ca8553a87e6
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4c1113b143de12d58d3771cbddb3a4e7c76580a89ea241479cc9bd5288fd2fd0
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e0a2edf9cc6b61a6576a95fe791ac7b4470577d68e0cc738a2f90d2d6416589
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
561838aa186c582927c3d15c062fdbf2c90d3f15cd57552e24c0d179db764e82
5b4134fc9963276fb840bb8178d62e95d0efa733909f6eeef3f364d4d60f0777
60bd6bad64c21fc8b1d3f6bf3fa261780974e6b0489a67a1d02db33fb4c9b7b6
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
636ecb5784f08327b02a785d4bbd25f44b0eeb98b3a8391ec47c0af6b87554a8
651d990871ba3e1246d82ca402f3104b6785c7578b782b283e828510ccbd37e8
68d652ff149ffaadd7e2e63b2584fbd221ced271b351ad11befceca5a16e3e32
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b011f48059b6591b0d266a9abdf45d9263e702059d29a207e770ddb87b49c72
6cb079eb01e730c435ef0b80f62f636245fa0f8f0e86c144935e42a8dd12a545
71815070cf1baa5e8fe6694ab489c18374703c8fb1e11700f2530ccb8fb32d33
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
7336afe3d92703a1b35e780301c688426c74d5a8c3d9cd1794d3370d763e58d3
743dab2897708c0bb6d3d28804aaa59eb506de813152a8983515f96840d4bd76
76dd9ffb1b604b0ad3f128d2fe014cc22f934ed40ae792ef9b4600a17866aeb2
777936a4dafb4a9776ea814a2737a4ed51a49172e8f79491a4988a40bd93c90d
794c7410e453f2fce6b313b48e31fe158f51dd00c197f224ba3c004a18c00ef0
8178a23344ec8e9b3f599125e10c07ec57bd94f1790a8b5b04f16d11747faded
85f12c3cc6ab25570b5692f96b7b5069b72613b4ad08d0635e03521fddbd1857
863886e2347be57cf71d7ed3fc614593e94bbce61858cd8c0761ba7a78d2ace4
87acaa711a76ca454848c896233d28a5e2b9b64315957876c803fb387b5eb6da
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803
8efd720233d2e85f1df1c0836f3c9b7113b0a18c8c4ef434cc9f1d56bf0f134a
939c1b1420c9dcd654cf23e16482d791454288ca4ff1059fb8839412cc29b2a5
98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf
9900b9f29bada72b398bc1df758ee8b87f14a5e635d04e29cc26a786c47a4bce
9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d
9ec3c84e8019f979befe03094b124908c617d66036668dade9e8edf77b239924
9ed4ee028b62fc35262ac5fe78181d6cf1b05fad812aa3c021ad28c88722cf2b
9f04b9db4570a8f016c3b42727fd56b2e8779876c8f6ee5fdcfabb4df25eb48b
a15c76ffbd785e1d53f116da0971bd8165b0a2d04ecd673a99f3abc7e0cde50e
a315b4d2ab322e795e09f334f3278fac7b25272a8dd28887f24ed2036ede8e65
aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362
aa15f8f68b6a4531f528660eb6b161331e4126ce16f9cce6afd8a0dfd451cd6a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd611420c0557b18c6fbd0dd66eb643fc3298fbaccd15e0a2ba9fdf78f2ca72
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad5d4193328e2083398686d67b7e67b9d7ab9b935d745746d186c33d07bf4a65
ae0393f48f5412e3124cafc47dd3e8b7bd39a6eb1f2517883c8b175df4df6334
af5ac144e175f6605a8b689e2197efe3f8261ec1b22a68fe8704429ef07fbb41
afebc654252e2e6725166fd88386decd2d62cbae24cf76f93af01051afcd22bf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28f2758dd0c48fa0e8e33ccfee02f1b581b93484aae2af63190df3d4bcc068f
b3e8357cc1fe184a45255c2831770245aa454c3e957dfe3df6a0ee789ac77e01
bd63361be592c4fc1b61e7bc8f0b92c83b52f54f57789e91ad577d006f71768c
bda916cc0eed8b8f24573ccca8ab04ab5915bf94f1a3decf817cbf8559b5ceac
be3950dab42791bb50d60a09c80869ba8c86f7dab74eff23b91a365d0c710831
be96a16025bfbe78bed5a7475f5877696f919dcf9b37939866f8c2d47af7976c
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
c8dfa70f0dccd44f1f69659a7d4715aef17d48c4a8f88d4868b919fc9aabb453
c9492eab132c2db0eaef81fea1bb719d8e3f5a11a32f7ebeeea5af202cd4e5c7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cec8f2656b32d3cc8cb3b7142df0279bfff65551a3889bbac0dcece6bbc4c97d
cf1cb8930dbca6515121d94c81df4c6b2567c5021435ab4ac683abfc51768ec5
cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972
cfb11726b4d8692159323348253330777ef8b869bf408fbd7d0c31423ea76954
d00e54d87cce777c78c59c446e01bc3bcaabca266daa6463181dd527c98738e9
d19d09e24c8a6da58f2db0561d49f8719a08c9d80561578116bf155a615bd98a
d2d09c4a39acf0339c9697b5837fec5bb2bfb9f92677ac2133640b900f91925c
d4d476694bb5382da2de611b3b716fbed22fcd64d18753111b6d15a28667fd24
d7c2ddb591f4a579e867624a9ac11234ee3b7ef13f41c743088d4b4d723b8461
d9ea8a8cab935e18796b1a064b1644c0f5db2d967a60e5f7cb8b37066b2399a4
dbba51d69f3cfdd66361a4e55d56387c6c9933fe649ae476ef90715afd1786ea
dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b1ceffda14543118fcc1d2d886fa5049d579ef1d139a7e94efbe9368fa9235
e87be82092a8e1a5544ef566ba1a636162eecb31e33095c6f17eb06c87cc2efb
ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d760682f66979c85193208c7d10daddd5d3e74c6c148bef442a203d330cb22
f322afdaf7184e4ddd7fca589f89cdd7e2e2721dffbf8abed7cb1eca88b0915f
f3d8c648b4ec40e2369730c552db76ad40994c6dd489ff87b28f6fc1ea2ced96
f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
ffa32165d364971ca407e3dd1d73d242172964887701ba8841516296449fbe4e

blog.morphisec.com Open in urlscan Pro 199.60.103.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

164 Requests

99 %HTTPS

57 %IPv6

36 Domains

53 Subdomains

47 IPs

6 Countries

2677 kBTransfer

7206 kBSize

42 Cookies

48 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.morphisec.com Open in urlscan Pro
199.60.103.31 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

99 %
HTTPS

57 %
IPv6

36
Domains

53
Subdomains

47
IPs

6
Countries

2677 kB
Transfer

7206 kB
Size

42
Cookies

164 HTTP transactions
0 data transactions