www.bromium.com Open in urlscan Pro
2a02:fe80:1010::17:8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/|
Effective URL:
https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Submission: On September 25 via api (September 25th 2019, 5:45:43 pm UTC) from US

Summary HTTP 164 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 164 HTTP transactions. The main IP is 2a02:fe80:1010::17:8, located in United Kingdom and belongs to SUCURI-SEC - Sucuri, US. The main domain is www.bromium.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 24th 2018. Valid for: 2 years.

This is the only time www.bromium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
143	2a02:fe80:101... 2a02:fe80:1010::17:8	30148 (SUCURI-SEC) (SUCURI-SEC - Sucuri)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	104.111.251.133 104.111.251.133	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
4	93.184.220.178 93.184.220.178	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
5	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1 2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	192.28.144.124 192.28.144.124	53580 (MARKETO) (MARKETO - MARKETO)
164	12

143 2a02:fe80:1010::17:8 (United Kingdom)

ASN30148 (SUCURI-SEC - Sucuri, US)

www.bromium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.251.133 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-251-133.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.178 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

497-itq-712.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
143	bromium.com www.bromium.com	1 MB
5	gstatic.com fonts.gstatic.com	96 KB
4	bizible.com cdn.bizible.com	33 KB
3	wp.com s0.wp.com stats.wp.com pixel.wp.com	6 KB
3	marketo.net munchkin.marketo.net	7 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	mktoresp.com 497-itq-712.mktoresp.com	303 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	180 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	164 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	56 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	googleapis.com fonts.googleapis.com	966 B
164	13

	Domain	Requested by
143	www.bromium.com	www.bromium.com
5	fonts.gstatic.com	www.bromium.com
4	cdn.bizible.com	www.bromium.com cdn.bizible.com
3	munchkin.marketo.net	www.bromium.com munchkin.marketo.net
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	pixel.wp.com	www.bromium.com
1	497-itq-712.mktoresp.com	munchkin.marketo.net
1	www.google.de	www.bromium.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	stats.wp.com	www.bromium.com
1	maxcdn.bootstrapcdn.com	www.bromium.com
1	s0.wp.com	www.bromium.com
1	www.googletagmanager.com	www.bromium.com
1	fonts.googleapis.com	www.bromium.com
164	15

This site contains links to these domains. Also see Links.

Domain
support.bromium.com
twitter.com
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
www.bromium.com DigiCert SHA2 Extended Validation Server CA	`2018-03-24` - `2020-03-27`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
cdn.bizible.com Go Daddy Secure Certificate Authority - G2	`2019-03-14` - `2021-04-13`	2 years	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.mktoresp.com GeoTrust RSA CA 2018	`2018-02-05` - `2020-02-05`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Frame ID: 5B44D561E809CA37D457CEEF65EEE452
Requests: 164 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link[^>]* href=[\'"][^']+revslider[\/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
script /\/revslider\/[\/\w-]+\/js/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link[^>]* href=[\'"][^']+revslider[\/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
script /\/revslider\/[\/\w-]+\/js/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link[^>]* href=[\'"][^']+revslider[\/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
script /\/revslider\/[\/\w-]+\/js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Lightbox (JavaScript Libraries) Expand

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[\'"][^']+revslider[\/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
script /\/revslider\/[\/\w-]+\/js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

164
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

15
Subdomains

12
IPs

5
Countries

1712 kB
Transfer

4928 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://support.bromium.com/s/
Title: Support

Search URL Search Domain Scan URL

URL: https://twitter.com/bromium

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/bromium

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bromium

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https%3A%2F%2Fwww.bromium.com%2Fpage-not-found%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Page+Not+Found&url=https%3A%2F%2Fwww.bromium.com%2Fpage-not-found%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https%3A%2F%2Fwww.bromium.com%2Fpage-not-found%2F
Title: Share

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 154

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=844354871&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bromium.com%2Freawakening-of-emotet-an-analysis-of-its-javascript-downloader%2F%257C&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Bromium&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1801541846&gjid=1088950579&cid=352680408.1569433526&tid=UA-31745238-1&_gid=1019575541.1569433526&_r=1&gtm=2ou9i1&z=290063096 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-31745238-1&cid=352680408.1569433526&jid=1801541846&_gid=1019575541.1569433526&gjid=1088950579&_v=j79&z=290063096 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31745238-1&cid=352680408.1569433526&jid=1801541846&_v=j79&z=290063096 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31745238-1&cid=352680408.1569433526&jid=1801541846&_v=j79&z=290063096&slf_rd=1&random=2107302757

164 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request %7C Show response
www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/ 995 KB
127 KB 1781ms
1702ms Document
text/html 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

a89c958f3a4bde414ee9c20002614d2a48ea28614e300c641a710a685c173197

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bromium.com
:scheme: https
:path: /reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 404
server: nginx
date: Wed, 25 Sep 2019 17:45:24 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 15017
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.bromium.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 25 Sep 2019 17:45:25 GMT
etag: "7b6d3394e433e8b337ce60d8b6fc692b"
referrer-policy: no-referrer-when-downgrade
x-sucuri-cache: MISS

GET
H2 200 blocks.style.build.css
www.bromium.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 2 KB
1 KB 9ms
5ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=5.2.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

88a7e4cccc0b6c41c2083d7ab0ee74767320246b2ce97fa78339068b15fbb854

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 726
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2019 16:36:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8a0-58b4b4059fa80-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 layerslider.css
www.bromium.com/wp-content/plugins/LayerSlider/static/layerslider/css/ 22 KB
5 KB 9ms
6ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

39eadd1cbab3247462a6e2c98e375d19e3e6e9b7a52bcf5996f396b83e82fc85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5883-592b0538ee788-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: MISS

GET
H2 200 css
fonts.googleapis.com/ 11 KB
966 B 21ms
17ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

86f306efe3ec56b97723e20997d0eeb2b0bf6f1ccd62822dc3c89f62330b12de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 25 Sep 2019 17:45:25 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 25 Sep 2019 17:45:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 25 Sep 2019 17:45:25 GMT

GET
H2 200 styles.css
www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/libs/fontastic/ 5 KB
1 KB 10ms
6ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/libs/fontastic/styles.css?ver=2.2.8

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

578332cd14c1c8f1c9ea7cc966ca50ae73945b7de3055e07f06dc099d4feeee0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 980
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1421-592b0451d78b1-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 style.css
www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/css/ 10 KB
2 KB 10ms
6ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/css/style.css?ver=1568660655

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

f60c29fe691d2e86ac7912268faf0f341a4dbdb28346fa04bc4b0b13568b83c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 2102
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "28bc-592b04523ca03-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 rs6.css
www.bromium.com/wp-content/plugins/revslider/public/assets/css/ 55 KB
12 KB 10ms
7ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

d63fa35ad0ec42110f7779d3825e3bcf079bf7fe188c7e7909494002194d694d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:09:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "db2a-592b056d5fe4b-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: MISS

GET
H2 200 svgs-attachment.css
www.bromium.com/wp-content/plugins/svg-support/css/ 222 B
562 B 12ms
8ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/svg-support/css/svgs-attachment.css?ver=5.2.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

756df835cdc3e6d51abfaa6f2cd0d48a3430e2bcc2c12566e06dc79f3ba4ff74

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 111
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Dec 2018 17:45:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "de-57d3b59b30440-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 style.css
www.bromium.com/wp-content/plugins/thumbs-rating/css/ 994 B
761 B 12ms
9ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/thumbs-rating/css/style.css?ver=1.0.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

dbabf1b2b74046794682055598b1989a3e72e80f711bd6b1762c5688f3385a4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 308
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2019 16:36:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3e2-58b4b40787f00-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 ult_marketo_forms-public.css
www.bromium.com/wp-content/plugins/ultimate-marketo-forms/public/css/ 35 B
445 B 14ms
11ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/ultimate-marketo-forms/public/css/ult_marketo_forms-public.css?ver=1.0.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

7a109bbaf31b60ea0c1182758f73e7e2050aeabc9d37913ebc0c72030a48cf23

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Dec 2018 17:45:47 GMT
server: nginx
etag: "23-57d3b59d188c0"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 wonderplugin3dcarousel.css
www.bromium.com/wp-content/plugins/wonderplugin-3dcarousel/engine/ 24 KB
2 KB 15ms
11ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/wonderplugin-3dcarousel/engine/wonderplugin3dcarousel.css?ver=3.3C

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

62855a25508bf218a96a1179788320756ce0ae0346a586cca1fc5a6b5e7a4668

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61f9-592b046a0b5dc-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: MISS

GET
H2 200 wonderpluginsliderengine.css
www.bromium.com/wp-content/plugins/wonderplugin-slider/engine/ 16 KB
1 KB 15ms
12ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderengine.css?ver=11.8C

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

c3ef28a4f156c353239b74328046126175c702be2d89b9a24c8527a8b53ee0e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1025
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "4039-592b046a8ef80-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 style.min.css
www.bromium.com/wp-content/plugins/social-warfare/assets/css/ 48 KB
7 KB 15ms
12ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=3.6.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

0035720fc5883c540c438849f0cd10659229c9d41f0a4ea6dc8fd369aa1e644b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 6670
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2019 16:36:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "bf38-58b4b4059fa80-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 style.css
www.bromium.com/wp-content/themes/Avada/ 430 B
745 B 16ms
12ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/style.css?ver=5.2.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

200aa81263dd5ac5a353e5dd0dab49ada16d846e5129854fb7924e0c3c26bbc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 294
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1ae-592b04aa30a42-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 style.min.css
www.bromium.com/wp-content/themes/Avada/assets/css/ 173 KB
28 KB 16ms
13ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/css/style.min.css?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

f21de765b65c579280cb9915be3ff45c473cbae011a13a67e2a4ea4d898bf06b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 27920
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2b59f-592b04aa3065a-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 mediaelementplayer-legacy.min.css
www.bromium.com/wp-includes/js/mediaelement/ 11 KB
3 KB 19ms
16ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

ffa31f5802b20d64a10c71ad93394c1e2b4b16f33e2f479d8274fd02ce0a594f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 2585
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Dec 2018 17:45:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2be0-57d3b595776c0-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 wp-mediaelement.min.css
www.bromium.com/wp-includes/js/mediaelement/ 4 KB
2 KB 20ms
17ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.2.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

245dba3be6a1b10208f628f21377fc998b5384dc303bdef6954df3910e4f36b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1142
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Feb 2019 17:49:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1043-5813d57b4ad00-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 wpv-pagination.css
www.bromium.com/wp-content/plugins/wp-views/embedded/res/css/ 5 KB
2 KB 20ms
17ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/wp-views/embedded/res/css/wpv-pagination.css?ver=2.9.2

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

8df538914fba722850077131e0945dce3dc057ddad54441557115bf3ee6a0355

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1298
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1213-592b0467b8d5b-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jetpack.css
www.bromium.com/wp-content/plugins/jetpack/css/ 70 KB
13 KB 21ms
18ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/jetpack/css/jetpack.css?ver=7.7.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

b42989a0f2a1fb6d69e72c4f548ef2e73c4d3089d53649f5ed75e45c7b91cffb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 12564
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "117db-592b0455769f1-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 greensock.js Show response
www.bromium.com/wp-content/plugins/LayerSlider/static/layerslider/js/ 115 KB
39 KB 27ms
25ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

dfc519eb2d0e5ac0e8cdbe86fef355135280c643df14fa9a8e6abd5820d01159

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 39570
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1cb35-592b0538eeb70-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.js Show response
www.bromium.com/wp-includes/js/jquery/ 95 KB
33 KB 21ms
18ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 33776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2019 16:38:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "17a69-58b4b4612d280-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery-migrate.min.js Show response
www.bromium.com/wp-includes/js/jquery/ 10 KB
4 KB 27ms
25ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 4014
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Dec 2018 17:45:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2748-57d3b595776c0-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 layerslider.kreaturamedia.jquery.js Show response
www.bromium.com/wp-content/plugins/LayerSlider/static/layerslider/js/ 123 KB
46 KB 22ms
21ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.9.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

8ab9d49b143033d0ac3b4b6f72e52e99dd2fb7327a22c734e85462d2938ddb72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 46410
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1ed3c-592b0538eeb70-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 layerslider.transitions.js Show response
www.bromium.com/wp-content/plugins/LayerSlider/static/layerslider/js/ 23 KB
4 KB 6ms
6ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.9.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

e60fbf0bdc14cbc9e44557e622bdd1864f5556b72b7d9f46e0f039aed2f4840a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 3396
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5d17-592b0538eeb70-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 revolution.tools.min.js Show response
www.bromium.com/wp-content/plugins/revslider/public/assets/js/ 147 KB
50 KB 25ms
23ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

45012f93c4cbd739c51f4043a3a1d3c8377272ef606dd39e51a6a81e02dad594

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 50582
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:09:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "24ba4-592b056d60233-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 rs6.min.js Show response
www.bromium.com/wp-content/plugins/revslider/public/assets/js/ 261 KB
66 KB 26ms
23ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

3ef8e11864cb4fe830ee71e98447368b0255a360f27efcf9201ed9418f328313

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:09:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "412a9-592b056d6061b-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: MISS

GET
H2 200 general.js Show response
www.bromium.com/wp-content/plugins/thumbs-rating/js/ 2 KB
1 KB 6ms
6ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/thumbs-rating/js/general.js?ver=4.0.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

386642ab1368fac97c760cf61e9d4f8009e9d439edd08f1c68d67a2823ec6739

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 674
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2019 16:36:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "643-58b4b40787f00-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 forms2.min.js Show response
www.bromium.com/wp-content/plugins/ultimate-marketo-forms/public/js/ 164 KB
56 KB 26ms
24ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/ultimate-marketo-forms/public/js/forms2.min.js?ver=1.0.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

de5ba330570616401d1840de0075059a65e62280b8d2524334be84290f43a4d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Dec 2018 17:45:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "29076-57d3b59d188c0-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-proxy-cache: MISS

GET
H2 200 ult_marketo_forms-public.js Show response
www.bromium.com/wp-content/plugins/ultimate-marketo-forms/public/js/ 2 KB
1 KB 26ms
24ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/ultimate-marketo-forms/public/js/ult_marketo_forms-public.js?ver=1.0.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

4463996b808a043a2091ce400b56adcdb7407264272e6d2e389075e143e1c901

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 785
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Dec 2018 17:45:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "6fb-57d3b59d188c0-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 1093ms
22ms Script
application/x-javascript 104.111.251.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js?ver=1.0.1
Requested by: Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-251-133.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 17:45:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Apr 2019 02:53:44 GMT
Server: Apache
ETag: "54520320df20b526337717d6d28181fc:1554432824"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 wp3dcarousellightbox.js Show response
www.bromium.com/wp-content/plugins/wonderplugin-3dcarousel/engine/ 113 KB
25 KB 6ms
6ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/wonderplugin-3dcarousel/engine/wp3dcarousellightbox.js?ver=3.3C

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

eaefd1c3002cf49da68fdd41696a1f9460449dee5a2ba4946fc813eeb5c6d292

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 24968
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c5e9-592b046a0b1f4-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 wonderplugin3dcarousel.js Show response
www.bromium.com/wp-content/plugins/wonderplugin-3dcarousel/engine/ 57 KB
12 KB 6ms
6ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/wonderplugin-3dcarousel/engine/wonderplugin3dcarousel.js?ver=3.3C

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

a45c2a1c33343ab850988816a434cdc49b5d3e97974b8359319e701872dff437

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 11504
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "e5dd-592b046a09a83-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 wonderpluginsliderskins.js Show response
www.bromium.com/wp-content/plugins/wonderplugin-slider/engine/ 174 KB
10 KB 26ms
24ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderskins.js?ver=11.8C

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

d14332dbfda395a1a0b849313089e74bb68cd16cce76aead3e0b70d1f99a573d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 9546
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2b992-592b046a8eb98-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 wonderpluginslider.js Show response
www.bromium.com/wp-content/plugins/wonderplugin-slider/engine/ 305 KB
53 KB 26ms
24ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginslider.js?ver=11.8C

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

e7a2dfad0d259b4b0a3fb9fc96b807545d991c4fa2197f1c1a7ef42eb202cf0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 53732
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "4c409-592b046a8ef80-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
27 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31745238-1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8717a5a7b2fe5da16e8a80bd6977acf54577b77be875dcac744ac031d25f4d4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: br
last-modified: Wed, 25 Sep 2019 16:14:21 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43"
content-length: 27154
x-xss-protection: 0
expires: Wed, 25 Sep 2019 17:45:25 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 85 KB
32 KB 1085ms
16ms Script
application/x-javascript 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (amb/6BA7) / ASP.NET
Resource Hash: 38e2357a7e1247afb1475fd6294b7fb8fe8d085a662bc7fc14659bbf852bcd14

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:27 GMT
content-encoding: gzip
etag: "5afd51b08e68d51:0"
last-modified: Wed, 11 Sep 2019 10:50:13 GMT
server: ECS (amb/6BA7)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 33059

GET
H2 200 logo-bromium-white-web.svg
www.bromium.com/wp-content/uploads/2018/07/ 5 KB
2 KB 16ms
6ms Image
image/svg+xml 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bromium.com/wp-content/uploads/2018/07/logo-bromium-white-web.svg

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

6116ae66bf197d1ddf9de2dbf754de1ff86b2874f383a574b35ffa21b2a1f714

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 2042
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
etag: "14fc-57d3b5b11f800-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 style.css
www.bromium.com/wp-content/plugins/eu-cookie-law/css/ 4 KB
1 KB 16ms
5ms Stylesheet
text/css 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/eu-cookie-law/css/style.css?ver=5.2.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

e4d95c8c18f88a5e9fb28ebabb034f88f48a439bf512d0bdff78161efd302811

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1034
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2019 16:36:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "e73-58b4b400daf40-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.touchSwipe.min.js Show response
www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/js/ 11 KB
4 KB 16ms
7ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/js/jquery.touchSwipe.min.js?ver=2.2.8

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

f65f3aeed46b79940849fa2022f2cbdf368288de9046f2b3da075c42f9dde8f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 3904
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2d38-592b04523d1d3-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.easing.js Show response
www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/js/ 4 KB
2 KB 17ms
7ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/js/jquery.easing.js?ver=1.4.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

95577ab82ae6298380cdbd69ecc41d5b6895cbc107b7b996e03a96673e3470ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1203
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ffa-592b04523cdeb-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 imagesloaded.pkgd.min.js Show response
www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/js/ 5 KB
2 KB 17ms
8ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/js/imagesloaded.pkgd.min.js?ver=4.1.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

23bd7e5fac741d9a4b7cd4572ab0df7556b4dd610c67e3dfaa852d28812b4250

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1747
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "151f-592b04523cdeb-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 ditty-news-ticker.min.js Show response
www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/js/ 19 KB
5 KB 18ms
8ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/ditty-news-ticker/inc/static/js/ditty-news-ticker.min.js?ver=1568660655

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

cc5b7e9d50341b678822a5768ded2b87098a89ca6e96a453ddec9d51ca87bbe8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 4277
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "4ddd-592b04523cdeb-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 1064ms
15ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201939
Requested by: Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Wed, 25 Sep 2019 17:45:27 GMT
content-encoding: gzip
server: nginx
etag: W/"5867460b-52b6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 3.ams _dfw
expires: Wed, 02 Sep 2020 10:09:49 GMT

GET
H2 200 script.min.js Show response
www.bromium.com/wp-content/plugins/social-warfare/assets/js/ 12 KB
4 KB 18ms
8ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=3.6.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

318c82030733c1cff75b713ed1efd26385fdfe3ee7704fd1322cb21b03a7773d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 3705
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2019 16:36:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "30da-58b4b4059fa80-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 new-tab.min.js Show response
www.bromium.com/wp-content/plugins/page-links-to/js/ 4 KB
3 KB 18ms
8ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/page-links-to/js/new-tab.min.js?ver=3.1.2

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 2285
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:04:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f3f-592b04560b124-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 modernizr.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 13 KB
5 KB 18ms
9ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

45489ffcf01ef61169bda340908095cfc2c0ddcfa78a6cad71a2d1b636feccdf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 5086
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "32bf-592b04aa0bc5e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.fitvids.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 19ms
9ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 788
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "6e7-592b04aa0bc5e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-video-general.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 6 KB
2 KB 19ms
10ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

51e3bcc3ac62c35390092bef9784cfc44241c9abb5d931ccdfbb199ebf2b822e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "19d6-592b04aa0bc5e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.ilightbox.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 80 KB
25 KB 19ms
10ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

0d60433f358a9a7bb29c32fdec48e10e33dc38783a28784cac859b21325298a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 25140
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "140cf-592b04aa0c42e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.mousewheel.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
2 KB 21ms
12ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

136859a04a16d051a3d15752d0b415a6c2c837f1278a56dbb87a0e93ba8b9601

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1128
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "a2c-592b04aa0c42e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-lightbox.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 6 KB
2 KB 22ms
12ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

f82ebaedaf6959f99a1b89924070884226b0e52792f63cf53082211cb1e96a54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1872
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "19f4-592b04aa0a8d5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 imagesLoaded.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 7 KB
3 KB 22ms
13ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/imagesLoaded.js?ver=3.1.8

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

e1ad0b4138c80c3d001287d48a3915724c963ef85787df537a8de61f906c5f8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 2221
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1a81-592b04aa0c42e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 isotope.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 34 KB
10 KB 22ms
13ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/isotope.js?ver=3.0.4

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

ed00ca0964cbfca3e3a28ff14ba988ead8846f695adc310f8d3ad796ffed28fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 9619
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "87d5-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 packery.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 13 KB
4 KB 22ms
14ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/packery.js?ver=2.0.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

2b01072bc605e2004b2013b56510475dba15fc901809de67475269d32fb3384d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 4124
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "359b-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-portfolio.js Show response
www.bromium.com/wp-content/plugins/fusion-core/js/min/ 13 KB
3 KB 24ms
15ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-core/js/min/avada-portfolio.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

71ff8a59487fa0359615241b7be46386c0c111775e9362d7a561653be9af1545

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 3034
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3416-592b054d53d92-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.infinitescroll.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 21 KB
12 KB 24ms
16ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.infinitescroll.js?ver=2.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

dd3683b4ac4218364a65840dfef8655020d51ec5acc7ac6bda41bbc727c90e66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 11989
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5209-592b04aa0c42e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-faqs.js Show response
www.bromium.com/wp-content/plugins/fusion-core/js/min/ 1 KB
914 B 25ms
16ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-core/js/min/avada-faqs.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

522e41becdacdc1f0a263e0b96346f7c17c1d60fe3a9094f916b0b149758f08f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 451
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "46b-592b054d53d92-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 Chart.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/library/ 153 KB
45 KB 25ms
16ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/library/Chart.js?ver=2.7.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

3c8feb3e128fdac8a955b9769fd079d038ba2bedd0fdffa69008713b0acec0d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 46028
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "264d2-592b055c12d14-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-chart.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 5 KB
2 KB 29ms
20ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-chart.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

b026d303f9cf5c28c00da0fa4d537b574556524e49fb50434e580530715c00b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1709
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1461-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-column-bg-image.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 29ms
21ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-bg-image.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

4faf341bf92e983768d21ea0a33b13f9ca52eb688714211a3a5c4d683447db2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 589
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "6c1-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 cssua.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
2 KB 29ms
21ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

daf181ab9ead5372eefb6fe5d87704d7abdbfa6c09e4c79a2a2f688c6fac5ada

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1498
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d10-592b04aa0bc5e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.waypoints.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 7 KB
3 KB 30ms
22ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.waypoints.js?ver=2.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

51f437b6f094b2af0f14ecf6cc71e51ea36f08df0fa86b740d71665f694962b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 2415
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1d4e-592b04aa0bc5e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-waypoints.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 474 B
730 B 30ms
22ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-waypoints.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

63ed555e24a73983f619230c63243f1ce2249c1cbc78028b63eea5b3c3227e6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 268
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1da-592b04aa0a8d5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-animations.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 30ms
22ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

f51732dba5b2f97609ff8c2d180a95e0ff54d48dcf0389bf0642a2d425c2c8e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 613
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "69d-592b055c1292c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-equal-heights.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 1 KB
1 KB 31ms
23ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

8b4fc32fecc964aac554b5dd7ccc157d1edd7aa48737235c47b181a98fae1848

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 609
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "561-592b04aa0a4ed-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-column.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 4 KB
1 KB 31ms
23ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

f271f3bdbf331ba4b975ae28d46062968ca1623bd8306201de6b83b2b0cf3949

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 790
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1180-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.fade.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 1 KB
899 B 31ms
23ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

836e98f92408ccb7250927acef9b494fbacc18678ef18888f835101557bddd37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 437
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "48a-592b04aa0c42e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.requestAnimationFrame.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 695 B
799 B 31ms
24ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

980aba21181e373e49d5e2602223454f0bb78ccb263eabcfb850abb14ad8c904

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 337
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2b7-592b04aa0c816-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-parallax.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 10 KB
3 KB 32ms
24ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-parallax.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

d67cc10d9aebad67032555fcea3f8b6302b21cbdbe1348a1b0d43be0feab2a80

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 2544
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "28e7-592b04aa0bc5e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-video-bg.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 5 KB
2 KB 32ms
24ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-bg.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

485051dbfed6789dd50974fffe3dff1d49b19b4346dbb6aed7612d561829861a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 2002
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1596-592b04aa0bc5e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-container.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 10 KB
2 KB 32ms
25ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-container.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

df914f3ec658ffe02311d22885c9668082387417253b228e88f601dc3f422783

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 2085
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "298a-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-content-boxes.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 4 KB
1 KB 32ms
25ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-content-boxes.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

b4150e08f3f1a1ece02d3d26caaf38750d952fba1c5aac00b808cb3b71953d1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 879
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ff7-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.countdown.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/library/ 3 KB
1 KB 33ms
25ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.countdown.js?ver=1.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

866b1a107ed26667b3f3fc120b0d1889e5a78c752314cf35e2e069111480e485

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1052
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "b3f-592b055c1292c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-countdown.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 522 B
791 B 33ms
26ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-countdown.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

06c98e261a30242e0e11b786d6bcfb03ba655703f46b2a593681cb2b373000a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 329
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "20a-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.countTo.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/library/ 945 B
893 B 33ms
26ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.countTo.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

0c2d6aa51d3d04b3e548b51fec1d00d7e7ae1d2cced71ba4e2bb154a6871d6c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 430
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3b1-592b055c12d14-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.appear.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
2 KB 33ms
26ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.appear.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

fa80baec432350a1a335a421479336b65432f358727c89f0e414fe11fa39cd10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1324
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ba9-592b04aa0b876-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-counters-box.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 1 KB
979 B 34ms
27ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-counters-box.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

06c49df1e161d431beb0c50227884fd97c5ab52ab83373ca0ed0e1ee074034fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 516
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "4fa-592b055c10dd3-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.easyPieChart.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
2 KB 34ms
27ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easyPieChart.js?ver=2.1.7

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

225978e62705950d43f151a42fe6bbee9d02a3c75cfae8121d6c42608f98e317

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1451
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "de3-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-counters-circle.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 3 KB
1 KB 34ms
27ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-counters-circle.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

dab841e868096db0be5a45245f3b492571b1dbddb3de113ce5b89b9394a46335

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 953
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d3c-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-flip-boxes.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 34ms
28ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-flip-boxes.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

91114d5cc5112c5a53e678c4b85378a7b18a69896ad7931aca11af02c4c19cf9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 594
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "928-592b055c1292c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-gallery.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 35ms
28ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-gallery.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

9dde84fb275fea3f96dfdda1475b5309f0630d5c36eb2fa262d6d22fd3b802c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 634
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "63b-592b055c1215c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.fusion_maps.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 6 KB
2 KB 35ms
28ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fusion_maps.js?ver=2.2.2

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

fe85251352045b1d73418f58468a6aa1344866115e8c3a3a67a9b65168aa4350

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1932
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1643-592b04aa0c42e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-google-map.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 325 B
681 B 35ms
29ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-google-map.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

487973b68f6f3fe6b671676c1d7f88605094b35079988283065b9520847bec39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 219
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "145-592b04aa0a4ed-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.event.move.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/library/ 5 KB
2 KB 35ms
29ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.event.move.js?ver=2.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

ee89844ee9b870dc8d27d57ed1f33ece7a834c665db9f8c7eec20e0d482cf1c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1960
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "15a1-592b055c12d14-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-image-before-after.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 3 KB
1 KB 36ms
29ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-image-before-after.js?ver=1.0

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

739d04f8a9e5e072bc8d18cfdb327a943093b8091b4c3a4588c494606d6e930a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1046
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "b8e-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 bootstrap.modal.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 4 KB
2 KB 36ms
30ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.modal.js?ver=3.1.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

9a2d11b76feb7a9e531a9d055fae88e495017645e5c823a010c818a7744b2c45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1301
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f86-592b04aa0c816-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-modal.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 4 KB
2 KB 36ms
30ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-modal.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

56584aa34b480fff277fcf192b5d2b72668dbf951fb612bf516cc35d4386e6a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1248
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1179-592b055c1292c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-progress.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 763 B
801 B 37ms
30ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-progress.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

b5bc1574c1a34e5d2e43b55bd08f5e8b96e503a47aa5ca91dea2a0afe232d15d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 338
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2fb-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-recent-posts.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 37ms
31ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-recent-posts.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

947cc9fb012ddf07f3d3ff0e307050dc048b502bd659948e2953f8be0f032a81

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 818
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "7a8-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-syntax-highlighter.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 37ms
31ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-syntax-highlighter.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

0600dd41021581a95572cf76dfe6754f431bf17d1ed5d8407cbbfd41b3c18445

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 731
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "7a9-592b055c1215c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 bootstrap.transition.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 741 B
835 B 38ms
32ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

bd6def1ae1509946499390f95acaa1fd39a76452c8312f165d2bc0b791c9e0ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 373
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2e5-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 bootstrap.tab.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 42ms
36ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tab.js?ver=3.1.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

33729b857c5024754aa713d7af5443f8d3ea366203cbc2df719fea37bedd358b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 767
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "695-592b04aa0bc5e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-tabs.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 5 KB
2 KB 42ms
36ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-tabs.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

766f5c3f6aa0ed00ab4bda1548d2a72c0de0374bfe81420b98fb0ca174cca3e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1287
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1409-592b055c1215c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.cycle.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 25 KB
7 KB 42ms
37ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.cycle.js?ver=3.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

9a2417fe94980c710d606030d0b1ec1f1794522a1006bc9afbcf9aef00035b4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 7126
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62f9-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-testimonials.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 1 KB
1002 B 43ms
37ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-testimonials.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

2a324d3a51f059d0005f3ffaeee834c615bdcd8e6b99abfce0b19b6ed3588507

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 539
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "579-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-title.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 821 B
851 B 43ms
37ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

4665de7378760273890dbcfd0ffd5d0f3944321840368f72682377fa70381c76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 388
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "335-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 bootstrap.collapse.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
2 KB 43ms
38ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.collapse.js?ver=3.1.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

7320f1b88beceab8c7640034d3db5012251f4823a593270f8abfdfce0b74d849

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1173
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d9f-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-toggles.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 3 KB
1 KB 43ms
38ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-toggles.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

ba0981e8fbb7b50cc19479c3f0378996698359ffa2f5d8e90bef26c85cd72a39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 892
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "b6a-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 vimeoPlayer.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 16 KB
6 KB 44ms
38ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

501c8b7edd85aa5b93a52254d40cf04d754018292b113caf7f76441701d30a0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 5319
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "40bd-592b04aa0bc5e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-video.js Show response
www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/ 1 KB
1014 B 44ms
39ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

7ce35e3387b4150bda77caaf4b052d417d6fe2f4e1dd52dfa556534eb5c36e2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 551
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "50c-592b055c12544-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.hoverintent.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 1 KB
917 B 44ms
39ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverintent.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

34e014c7d41ab0ae2996907824eda3bde337242ebd9dc29aeccd9d67078246ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 455
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "44a-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-vertical-menu-widget.js Show response
www.bromium.com/wp-content/plugins/fusion-core/js/min/ 2 KB
922 B 44ms
39ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

4a7b353345f28b2f6473cf4b09bd8630b109184e31e8d999ccea5d7e741e4351

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 459
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:08:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "75a-592b054d53d92-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 lazysizes.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 7 KB
4 KB 45ms
40ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/lazysizes.js?ver=4.1.5

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

fcd6ddff5b80b53ef5e854b70b582b1e8cc693035e6b0e668eb7c5b85dccedf7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 3206
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1b86-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 bootstrap.tooltip.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 11 KB
4 KB 45ms
40ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

174e244c283a29b83acfc789a88f269dd468ecf03c7768356e691b81a010e542

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 3824
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2a55-592b04aa0c42e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 bootstrap.popover.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 45ms
40ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.popover.js?ver=3.3.5

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

b5f949ee17347bdfa9456e7eedd3a0445eccc8809c33b1842551eb5c5daaabd0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 732
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "6d4-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.carouFredSel.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 53 KB
14 KB 45ms
41ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.carouFredSel.js?ver=6.2.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

fb19b647849cd037331a7a017e6d5466dc90e3ba866a69ba3c3c5d512f276f13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 13468
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d450-592b04aa0c816-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.flexslider.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 22 KB
7 KB 50ms
45ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.2.2

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

c91b0ef0c9235c53d5ea9a74036c5ec2f6f916c02b80dc344c8975cfab558ab8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 6514
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "59e0-592b04aa0c046-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.hoverflow.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 647 B
796 B 50ms
46ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverflow.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

5ca946de5ba3710a3293fa8d6eb9215dc418f05330648553a75decc827844fe7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 334
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "287-592b04aa0c816-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.placeholder.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 51ms
46ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.placeholder.js?ver=2.0.7

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

fa34de993dea91eb0120c3745378192fa1177ba8ec5772e08632318d1d5e1267

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 849
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "880-592b04aa0c42e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.touchSwipe.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 9 KB
4 KB 51ms
46ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.touchSwipe.js?ver=1.6.6

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

e21d3d8819243a6cd99c4ab2ed4e9518e3a239f76bf3e9481f318eb4153458e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 3541
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "24b7-592b04aa0c42e-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-alert.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 255 B
655 B 51ms
47ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

cae9d59a10b9f1b90460a886ad511e82e195e84f6e16aff8bc100672ee3f99ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 193
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ff-592b04aa0a8d5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-carousel.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 4 KB
2 KB 51ms
47ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-carousel.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

9429ee4c72b54cb89958d12d819964e6b5ce7395bbec1f23015954f1aeb5adc7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1299
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1099-592b04aa0a4ed-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 1009ms
23ms Script
application/x-javascript 104.111.251.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-251-133.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 17:45:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Apr 2019 02:53:44 GMT
Server: Apache
ETag: "54520320df20b526337717d6d28181fc:1554432824"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 Bromium-404-Banner.jpg
www.bromium.com/wp-content/uploads/2019/03/ 13 KB
13 KB 43ms
29ms Image
image/jpeg 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bromium.com/wp-content/uploads/2019/03/Bromium-404-Banner.jpg

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

d9734d3878462f986f7f2361899a1eb1f31dd40331af4ce584d1fc6a56be7304

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 13321
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Mar 2019 18:08:07 GMT
server: nginx
etag: "3409-5835cc14f8fc0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 Purple_DarkOrange.png
www.bromium.com/wp-content/uploads/2019/02/ 7 KB
8 KB 43ms
29ms Image
image/png 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bromium.com/wp-content/uploads/2019/02/Purple_DarkOrange.png

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

abe2ab15f04f1550b12079274e792729ff7ee425f9d5756d627878e2ed1ee182

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 7342
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Feb 2019 21:21:13 GMT
server: nginx
etag: "1cae-582fadeaf0440"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 demo_background2019.png
www.bromium.com/wp-content/uploads/2019/03/ 523 KB
524 KB 45ms
31ms Image
image/png 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bromium.com/wp-content/uploads/2019/03/demo_background2019.png

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

23c56768f6e73fc6cc283e1a7c7378335046b20fcfc4c6d51427021cee0cc870

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 535427
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Mar 2019 19:00:27 GMT
server: nginx
etag: "82b83-584b377c588c0"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
fonts.gstatic.com/s/sourcesanspro/v13/ 39 KB
20 KB 22ms
13ms Font
font/ttf 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ed891295d5d4f70182e68bb3fa450a2b0bf22cfc89286c420632639fb6fd3510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Origin: https://www.bromium.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 23:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1880045
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 20810
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:49 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Sep 2020 23:31:21 GMT

GET
H2 200 Qw3FZQNVED7rKGKxtqIqX5Ec0lhte10k.ttf
fonts.gstatic.com/s/josefinsans/v14/ 36 KB
21 KB 31ms
23ms Font
font/ttf 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v14/Qw3FZQNVED7rKGKxtqIqX5Ec0lhte10k.ttf

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ad146bc68ee1de51975ba964dc4142a17bdc78621a009f814523ba9000b37811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Origin: https://www.bromium.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Sep 2019 11:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109184
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 21323
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:24:11 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Sep 2020 11:25:42 GMT

GET
H2 200 icomoon.woff
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 18 KB
11 KB 50ms
42ms Font
application/font-woff 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

576dbcdc2b09b0348dc8dc291c502a6b2a4fa29f9bca5f375844cdf91fb3869e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Origin: https://www.bromium.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 11275
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
etag: "4880-592b04aa0666c-gzip"
vary: Accept-Encoding
content-type: application/font-woff
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 Qw3FZQNVED7rKGKxtqIqX5Ectllte10k.ttf
fonts.gstatic.com/s/josefinsans/v14/ 35 KB
20 KB 22ms
14ms Font
font/ttf 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v14/Qw3FZQNVED7rKGKxtqIqX5Ectllte10k.ttf

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9809680fde3cd05513652e724c9a317abdd3efe07147d6dd375d928dd7f8e801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Origin: https://www.bromium.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 22:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1885450
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 20523
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:23:58 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Sep 2020 22:01:16 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v13/ 39 KB
20 KB 32ms
23ms Font
font/ttf 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e44186395f92ca92a743b7bfce319e95f8a16705b772ae61fc46e8c00f6842c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Origin: https://www.bromium.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Sep 2019 11:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109301
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 20519
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:24 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Sep 2020 11:23:45 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 57ms
17ms Font
font/woff2 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Origin: https://www.bromium.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:26 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 56792

GET
H2 200 fusion-flexslider.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 5 KB
2 KB 10ms
5ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

72dffa85a4a15a6a3735ad2e527bd5f3b00bb635eb46684fb7e538c7f71c238f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1259
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "15a1-592b04aa0a4ed-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-popover.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 475 B
712 B 11ms
6ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-popover.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

f0aeeddea2ff4bf7047e8068573303ac90d47bc1476870b215ae19cb9748f929

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 250
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1db-592b04aa0a4ed-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-tooltip.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 2 KB
956 B 11ms
5ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

ede120ea76b43913e6b04047363d64e2990e2bd2905ebd2f84eef474239e8559

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 493
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "6a6-592b04aa0a8d5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-sharing-box.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 610 B
685 B 11ms
6ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

0eb948d2111a3a8f5e1f1ad8f8ece80d0a10f8f1fc5e1c0c2e214d461a49a952

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 223
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "262-592b04aa0a4ed-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-blog.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 7 KB
2 KB 12ms
6ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-blog.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

6079846ac0e7e7be2e12d2a47393daad546a2dcad2c7a6b4113da578ac9ad908

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1985
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c77-592b04aa0a8d5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-button.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 231 B
632 B 12ms
7ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-button.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

d882bbd73aa836e0c9ce3c8105f0247585503ccdf6ea00bb3ac641b149e183f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 170
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "e7-592b04aa0a8d5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-general-global.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 483 B
707 B 13ms
7ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

599b94fef9bd0069a32e3a11877547f3fabe274312c85873cab9ce334238bc8d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 245
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1e3-592b04aa0a4ed-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 1 KB
1018 B 13ms
8ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=2.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

203130ec8a2062b3e7aa9009fa799e5d9cb655e4d882a3f5699b481d1fee133d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 555
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "571-592b04aa0a8d5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-header.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 33 KB
4 KB 13ms
8ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-header.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

50346569eae9b84537df4e0380268010069f7335b19e05c39502a7e18874a2b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 4111
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8237-592b04aa1a2db-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-menu.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 36 KB
7 KB 14ms
9ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-menu.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

b44178e7c512a3f5f9b5795f565518de8e91b5970a10fb0cd9a43faab4db9197

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 6296
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "904c-592b04aa1aaab-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-scroll-to-anchor.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 4 KB
2 KB 14ms
9ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

221e4ccbe2e2b4c36be6e406a1e5b1a90ce46d9791ce18e5e1cc75c6caef9a66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1432
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "11c0-592b04aa0a8d5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 fusion-responsive-typography.js Show response
www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 4 KB
1 KB 15ms
10ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

dafbe218145b984233ef8a7a7b62472d5cad7aa03f066ec6c460d61d68bf5584

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1024
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "10b8-592b04aa0a8d5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-skip-link-focus-fix.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 340 B
712 B 15ms
10ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-skip-link-focus-fix.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

ba3c591c841f6937122e46742b03b77527d9a086525f96ef64a5ee952f42d28d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 250
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "154-592b04aa1aaab-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 bootstrap.scrollspy.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/library/ 3 KB
1 KB 15ms
11ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

b6ce2750a5429b968ac4c675acacfbd7da06ddf4638fb1e73ffb0a4553b346cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1060
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "a77-592b04aa1ae93-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-comments.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 1 KB
932 B 16ms
11ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-comments.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

758d231942d29bdfbf2d9c4fa37ee51b88665a35e0a17928726149ed7e1ef90e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 470
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "484-592b04aa1aaab-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-general-footer.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 992 B
826 B 16ms
11ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

166307cd00987388de2f33b9254ad547242dcf55e88ae3cc4866e75a5d882f6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 364
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3e0-592b04aa1aaab-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-quantity.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 2 KB
1 KB 16ms
11ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

65f43a688654377714ada498bc7751c83dacec52ef1b50d3b28f70bbb1b8dabe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 665
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "627-592b04aa1a6c3-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-scrollspy.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 481 B
683 B 16ms
12ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

312c164cb73133f2aef50f88906924ab050188ad211e8d82ee95e34a1f0dcf04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 221
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1e1-592b04aa1aaab-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-select.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 501 B
693 B 16ms
12ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

d8c237ac23e562540132de6ced5d5a5619a6ee895b0da0298bfdb6e7bbceb7b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 231
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1f5-592b04aa1aaab-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-sidebars.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 3 KB
1 KB 16ms
12ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-sidebars.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

f4a702c61f8ad016e4d0817fd996f04ca0801b29d4980ee0ae46adf08eda7688

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 782
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d5a-592b04aa1a6c3-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.sticky-kit.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/library/ 3 KB
2 KB 17ms
12ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/library/jquery.sticky-kit.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

1b4944b5f8a439d1e7f531888ed6eb66781561f56f84336e75b218cb31bb9af9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1208
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "aba-592b04aa1ae93-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-tabs-widget.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 498 B
720 B 17ms
13ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

518dc4e870b5f2140193cd37a5600bb913869e0a9f026bec1f1a28279676b388

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 258
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1f2-592b04aa1a2db-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.toTop.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/library/ 1 KB
1 KB 17ms
13ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/library/jquery.toTop.js?ver=1.2

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

211c0a338801bcc09e6378ad85542a9d65402051fdcf1b05227df8c65351f3e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 582
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "49e-592b04aa1ae93-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-to-top.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 467 B
715 B 17ms
13ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

664c2c1d41773a307b8c6e37e83091cd3549ae93322f3f2b2ccc7356ec30f1cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 253
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1d3-592b04aa1a6c3-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-drop-down.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 6 KB
1 KB 17ms
14ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

af2eb72d6ea544f0cf26165bdacfd53240945d437cf9ceecc8f775de4334a094

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1068
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1689-592b04aa1aaab-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-rev-styles.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 3 KB
1 KB 19ms
16ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

b9632701332d1418c8ce8db50cc9ba68cf5d8354b7dae761d62805283aac435c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 614
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ad1-592b04aa1aaab-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 jquery.elasticslider.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/library/ 4 KB
2 KB 19ms
16ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/library/jquery.elasticslider.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

efd7b1811cef4b7c13b8ae58028f93fd15f154177f1a65df59c0f2139649b9ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1622
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "11da-592b04aa1ae93-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-elastic-slider.js Show response
www.bromium.com/wp-content/themes/Avada/assets/min/js/general/ 560 B
692 B 20ms
17ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/themes/Avada/assets/min/js/general/avada-elastic-slider.js?ver=6.0.3

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

0d8061eb9cc1b780cddf9d87afa463ec0b7edd5d97727fd4b3124c5c1516796f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 230
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:05:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "230-592b04aa1a6c3-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 avada-fusion-slider.js Show response
www.bromium.com/wp-content/plugins/fusion-core/js/min/ 50 KB
6 KB 20ms
17ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/fusion-core/js/min/avada-fusion-slider.js?ver=1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

5ef73e327836d23146aba8f4e1f4fe7896c5b3645923693510b378be1a9a0f13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 5986
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Sep 2019 19:14:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "c860-592b06825b978-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 wp-embed.min.js Show response
www.bromium.com/wp-includes/js/ 1 KB
1 KB 21ms
17ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-includes/js/wp-embed.min.js?ver=5.2.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 753
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Feb 2019 17:49:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "57b-5813d57c3ef40-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 scripts.js Show response
www.bromium.com/wp-content/plugins/eu-cookie-law/js/ 3 KB
1 KB 21ms
18ms Script
application/x-javascript 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=3.0.6

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

b2777b2136591370735374104618934a186d85121cf3fc7dd8cabeaa9d19ecd8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 1055
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2019 16:36:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "b90-58b4b400daf40-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 e-201939.js Show response
stats.wp.com/ 9 KB
3 KB 1084ms
16ms Script
application/x-javascript 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-201939.js
Requested by: Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:27 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 06 Sep 2020 09:53:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31745238-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4768
date: Wed, 25 Sep 2019 16:25:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Wed, 25 Sep 2019 18:25:58 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=844354871&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bromium.com%2Freawakening-of-emotet-an-analysis-of-its-javascript-downloader%2F%257C&ul=en-us&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-31745238-1&cid=352680408.1569433526&jid=1801541846&_gid=1019575541.1569433526&gjid=1088950579&_v=j79&z=290063096
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31745238-1&cid=352680408.1569433526&jid=1801541846&_v=j79&z=290063096
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31745238-1&cid=352680408.1569433526&jid=1801541846&_v=j79&z=290063096&slf_rd=1&random=2107302757

42 B
109 B

32ms
32ms

Image
image/gif

2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31745238-1&cid=352680408.1569433526&jid=1801541846&_v=j79&z=290063096&slf_rd=1&random=2107302757

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 17:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Sep 2019 17:45:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31745238-1&cid=352680408.1569433526&jid=1801541846&_v=j79&z=290063096&slf_rd=1&random=2107302757
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/155/ 9 KB
4 KB 23ms
23ms Script
application/x-javascript 104.111.251.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/155/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js?ver=1.0.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-251-133.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 17:45:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 03:18:20 GMT
Server: Apache
ETag: "c67dad42946949112916578f78706df8:1543547900"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3923
Expires: Fri, 03 Jan 2020 17:45:27 GMT

GET
H/1.1 200
OK visitWebPage Show response
497-itq-712.mktoresp.com/webevents/ 2 B
303 B 510ms
113ms XHR
text/plain 192.28.144.124
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://497-itq-712.mktoresp.com/webevents/visitWebPage?_mchNc=1569433527021&_mchCn=&_mchId=497-ITQ-712&_mchTk=_mch-bromium.com-1569433527021-36957&_mchHo=www.bromium.com&_mchPo=&_mchRu=%2Freawakening-of-emotet-an-analysis-of-its-javascript-downloader%2F%7C&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/155/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN53580 (MARKETO - MARKETO, Inc., US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 25 Sep 2019 17:45:27 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: f2af0563-b9bb-4b81-9b1e-7a3ea19cede4
Content-Type: text/plain; charset=UTF-8

GET
H2 200 sw-icon-font.woff
www.bromium.com/wp-content/plugins/social-warfare/assets/fonts/ 5 KB
5 KB 39ms
6ms Font
application/font-woff 2a02:fe80:1010::17:8
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bromium.com/wp-content/plugins/social-warfare/assets/fonts/sw-icon-font.woff?ver=3.6.1

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::17:8 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

Software

nginx /

Resource Hash

e35e7086118397db7576d4558becf44ba2749b14619e0bc716386123f0c254b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Origin: https://www.bromium.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: b7440e60b07ee7b8044761568fab26e8
content-length: 4893
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
etag: "1324-58b4b4059fa80-gzip"
vary: Accept-Encoding
content-type: application/font-woff
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.bromium.com
URL: https://www.bromium.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
Origin: https://www.bromium.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Sep 2019 11:23:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 109298
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 14044
x-xss-protection: 0
expires: Wed, 23 Sep 2020 11:23:49 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
322 B 17ms
16ms Image
image/gif 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=e5a17bce529d464ca9231cb8ea7f8c99&_biz_s=7df241&_biz_l=https%3A%2F%2Fwww.bromium.com%2Freawakening-of-emotet-an-analysis-of-its-javascript-downloader%2F%257C&_biz_t=1569433527265&_biz_i=Page%20Not%20Found%20-%20Bromium&_biz_n=0&rnd=30979&cdn_o=a&_biz_z=1569433527267
Requested by: Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (amb/6B75) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 17:45:27 GMT
x-aspnetmvc-version: 4.0
last-modified: Fri, 20 Sep 2019 01:10:25 GMT
server: ECS (amb/6B75)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 16ms
15ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.7.1&blog=149279503&post=0&tz=-7&srv=www.bromium.com&host=www.bromium.com&ref=&fcp=2163&rand=0.13330900257716238
Requested by: Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 25 Sep 2019 17:45:27 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 BizibleAcct.js Show response
cdn.bizible.com/ 378 B
550 B 128ms
127ms Script
text/javascript 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/BizibleAcct.js?_biz_u=e5a17bce529d464ca9231cb8ea7f8c99&_biz_h=-1906410348&cdn_o=a&jsVer=4.19.08.20
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8262031420e6721fa69252adead8d86edd8f1a33c6768de9bdd1d0a0e95f51fb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 17:45:26 GMT
content-encoding: gzip
etag: 92365932
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 325

GET
H2 200 u
cdn.bizible.com/m/ 43 B
117 B 18ms
17ms Image
image/gif 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A497-ITQ-712%26token%3A_mch-bromium.com-1569433527021-36957&_biz_u=e5a17bce529d464ca9231cb8ea7f8c99&_biz_s=7df241&_biz_l=https%3A%2F%2Fwww.bromium.com%2Freawakening-of-emotet-an-analysis-of-its-javascript-downloader%2F%257C&_biz_t=1569433527269&_biz_i=Page%20Not%20Found%20-%20Bromium&_biz_n=1&rnd=823803&cdn_o=a&_biz_z=1569433527370
Requested by: Host: www.bromium.com
URL: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (amb/6BBE) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.bromium.com/reawakening-of-emotet-an-analysis-of-its-javascript-downloader/%7C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 17:45:27 GMT
x-aspnetmvc-version: 4.0
last-modified: Thu, 19 Sep 2019 23:57:18 GMT
server: ECS (amb/6BBE)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

Verdicts & Comments Add Verdict or Comment

270 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bromium.com/	1970-01-19 12:42:49	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.bromium.com/	1970-01-19 12:42:49	Name: _biz_pendingA Value: %5B%5D
.bromium.com/	1970-01-19 12:42:49	Name: _biz_nA Value: 2
.bromium.com/	1970-01-19 03:57:15	Name: _biz_sid Value: 7df241
.bromium.com/	1970-01-19 03:58:39	Name: _gid Value: GA1.2.1019575541.1569433526
.bromium.com/	1970-01-19 12:42:49	Name: _biz_uid Value: e5a17bce529d464ca9231cb8ea7f8c99
.bromium.com/	1970-01-19 21:28:25	Name: _mkto_trk Value: id:497-ITQ-712&token:_mch-bromium.com-1569433527021-36957
.bromium.com/	1970-01-19 03:57:13	Name: _gat_gtag_UA_31745238_1 Value: 1
.bromium.com/	1970-01-19 21:28:25	Name: _ga Value: GA1.2.352680408.1569433526

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.bromium.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

497-itq-712.mktoresp.com
cdn.bizible.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
munchkin.marketo.net
pixel.wp.com
s0.wp.com
stats.g.doubleclick.net
stats.wp.com
www.bromium.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.111.251.133
192.0.76.3
192.0.77.32
192.28.144.124
2001:4de0:ac19::1:b:3a
2a00:1450:4001:800::2004
2a00:1450:4001:815::200e
2a00:1450:4001:817::200a
2a00:1450:4001:81a::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9d
2a02:fe80:1010::17:8
93.184.220.178
0035720fc5883c540c438849f0cd10659229c9d41f0a4ea6dc8fd369aa1e644b
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0600dd41021581a95572cf76dfe6754f431bf17d1ed5d8407cbbfd41b3c18445
06c49df1e161d431beb0c50227884fd97c5ab52ab83373ca0ed0e1ee074034fe
06c98e261a30242e0e11b786d6bcfb03ba655703f46b2a593681cb2b373000a1
0c2d6aa51d3d04b3e548b51fec1d00d7e7ae1d2cced71ba4e2bb154a6871d6c7
0d60433f358a9a7bb29c32fdec48e10e33dc38783a28784cac859b21325298a8
0d8061eb9cc1b780cddf9d87afa463ec0b7edd5d97727fd4b3124c5c1516796f
0eb948d2111a3a8f5e1f1ad8f8ece80d0a10f8f1fc5e1c0c2e214d461a49a952
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
136859a04a16d051a3d15752d0b415a6c2c837f1278a56dbb87a0e93ba8b9601
166307cd00987388de2f33b9254ad547242dcf55e88ae3cc4866e75a5d882f6e
174e244c283a29b83acfc789a88f269dd468ecf03c7768356e691b81a010e542
1b4944b5f8a439d1e7f531888ed6eb66781561f56f84336e75b218cb31bb9af9
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
200aa81263dd5ac5a353e5dd0dab49ada16d846e5129854fb7924e0c3c26bbc6
203130ec8a2062b3e7aa9009fa799e5d9cb655e4d882a3f5699b481d1fee133d
211c0a338801bcc09e6378ad85542a9d65402051fdcf1b05227df8c65351f3e2
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
221e4ccbe2e2b4c36be6e406a1e5b1a90ce46d9791ce18e5e1cc75c6caef9a66
225978e62705950d43f151a42fe6bbee9d02a3c75cfae8121d6c42608f98e317
233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e
23bd7e5fac741d9a4b7cd4572ab0df7556b4dd610c67e3dfaa852d28812b4250
23c56768f6e73fc6cc283e1a7c7378335046b20fcfc4c6d51427021cee0cc870
245dba3be6a1b10208f628f21377fc998b5384dc303bdef6954df3910e4f36b5
2a324d3a51f059d0005f3ffaeee834c615bdcd8e6b99abfce0b19b6ed3588507
2b01072bc605e2004b2013b56510475dba15fc901809de67475269d32fb3384d
312c164cb73133f2aef50f88906924ab050188ad211e8d82ee95e34a1f0dcf04
318c82030733c1cff75b713ed1efd26385fdfe3ee7704fd1322cb21b03a7773d
33729b857c5024754aa713d7af5443f8d3ea366203cbc2df719fea37bedd358b
34e014c7d41ab0ae2996907824eda3bde337242ebd9dc29aeccd9d67078246ab
386642ab1368fac97c760cf61e9d4f8009e9d439edd08f1c68d67a2823ec6739
38e2357a7e1247afb1475fd6294b7fb8fe8d085a662bc7fc14659bbf852bcd14
39eadd1cbab3247462a6e2c98e375d19e3e6e9b7a52bcf5996f396b83e82fc85
3c8feb3e128fdac8a955b9769fd079d038ba2bedd0fdffa69008713b0acec0d1
3ef8e11864cb4fe830ee71e98447368b0255a360f27efcf9201ed9418f328313
4463996b808a043a2091ce400b56adcdb7407264272e6d2e389075e143e1c901
45012f93c4cbd739c51f4043a3a1d3c8377272ef606dd39e51a6a81e02dad594
45489ffcf01ef61169bda340908095cfc2c0ddcfa78a6cad71a2d1b636feccdf
4665de7378760273890dbcfd0ffd5d0f3944321840368f72682377fa70381c76
485051dbfed6789dd50974fffe3dff1d49b19b4346dbb6aed7612d561829861a
487973b68f6f3fe6b671676c1d7f88605094b35079988283065b9520847bec39
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a7b353345f28b2f6473cf4b09bd8630b109184e31e8d999ccea5d7e741e4351
4faf341bf92e983768d21ea0a33b13f9ca52eb688714211a3a5c4d683447db2a
501c8b7edd85aa5b93a52254d40cf04d754018292b113caf7f76441701d30a0a
50346569eae9b84537df4e0380268010069f7335b19e05c39502a7e18874a2b4
518dc4e870b5f2140193cd37a5600bb913869e0a9f026bec1f1a28279676b388
51e3bcc3ac62c35390092bef9784cfc44241c9abb5d931ccdfbb199ebf2b822e
51f437b6f094b2af0f14ecf6cc71e51ea36f08df0fa86b740d71665f694962b5
522e41becdacdc1f0a263e0b96346f7c17c1d60fe3a9094f916b0b149758f08f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56584aa34b480fff277fcf192b5d2b72668dbf951fb612bf516cc35d4386e6a5
576dbcdc2b09b0348dc8dc291c502a6b2a4fa29f9bca5f375844cdf91fb3869e
578332cd14c1c8f1c9ea7cc966ca50ae73945b7de3055e07f06dc099d4feeee0
582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c
599b94fef9bd0069a32e3a11877547f3fabe274312c85873cab9ce334238bc8d
5ca946de5ba3710a3293fa8d6eb9215dc418f05330648553a75decc827844fe7
5ef73e327836d23146aba8f4e1f4fe7896c5b3645923693510b378be1a9a0f13
6079846ac0e7e7be2e12d2a47393daad546a2dcad2c7a6b4113da578ac9ad908
6116ae66bf197d1ddf9de2dbf754de1ff86b2874f383a574b35ffa21b2a1f714
62855a25508bf218a96a1179788320756ce0ae0346a586cca1fc5a6b5e7a4668
63ed555e24a73983f619230c63243f1ce2249c1cbc78028b63eea5b3c3227e6e
65f43a688654377714ada498bc7751c83dacec52ef1b50d3b28f70bbb1b8dabe
664c2c1d41773a307b8c6e37e83091cd3549ae93322f3f2b2ccc7356ec30f1cf
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76
71ff8a59487fa0359615241b7be46386c0c111775e9362d7a561653be9af1545
72dffa85a4a15a6a3735ad2e527bd5f3b00bb635eb46684fb7e538c7f71c238f
7320f1b88beceab8c7640034d3db5012251f4823a593270f8abfdfce0b74d849
739d04f8a9e5e072bc8d18cfdb327a943093b8091b4c3a4588c494606d6e930a
756df835cdc3e6d51abfaa6f2cd0d48a3430e2bcc2c12566e06dc79f3ba4ff74
758d231942d29bdfbf2d9c4fa37ee51b88665a35e0a17928726149ed7e1ef90e
766f5c3f6aa0ed00ab4bda1548d2a72c0de0374bfe81420b98fb0ca174cca3e8
7a109bbaf31b60ea0c1182758f73e7e2050aeabc9d37913ebc0c72030a48cf23
7ce35e3387b4150bda77caaf4b052d417d6fe2f4e1dd52dfa556534eb5c36e2c
8262031420e6721fa69252adead8d86edd8f1a33c6768de9bdd1d0a0e95f51fb
836e98f92408ccb7250927acef9b494fbacc18678ef18888f835101557bddd37
866b1a107ed26667b3f3fc120b0d1889e5a78c752314cf35e2e069111480e485
86f306efe3ec56b97723e20997d0eeb2b0bf6f1ccd62822dc3c89f62330b12de
88a7e4cccc0b6c41c2083d7ab0ee74767320246b2ce97fa78339068b15fbb854
8ab9d49b143033d0ac3b4b6f72e52e99dd2fb7327a22c734e85462d2938ddb72
8b4fc32fecc964aac554b5dd7ccc157d1edd7aa48737235c47b181a98fae1848
8df538914fba722850077131e0945dce3dc057ddad54441557115bf3ee6a0355
91114d5cc5112c5a53e678c4b85378a7b18a69896ad7931aca11af02c4c19cf9
9429ee4c72b54cb89958d12d819964e6b5ce7395bbec1f23015954f1aeb5adc7
947cc9fb012ddf07f3d3ff0e307050dc048b502bd659948e2953f8be0f032a81
95577ab82ae6298380cdbd69ecc41d5b6895cbc107b7b996e03a96673e3470ae
9809680fde3cd05513652e724c9a317abdd3efe07147d6dd375d928dd7f8e801
980aba21181e373e49d5e2602223454f0bb78ccb263eabcfb850abb14ad8c904
9a2417fe94980c710d606030d0b1ec1f1794522a1006bc9afbcf9aef00035b4d
9a2d11b76feb7a9e531a9d055fae88e495017645e5c823a010c818a7744b2c45
9dde84fb275fea3f96dfdda1475b5309f0630d5c36eb2fa262d6d22fd3b802c0
a45c2a1c33343ab850988816a434cdc49b5d3e97974b8359319e701872dff437
a89c958f3a4bde414ee9c20002614d2a48ea28614e300c641a710a685c173197
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
abe2ab15f04f1550b12079274e792729ff7ee425f9d5756d627878e2ed1ee182
ad146bc68ee1de51975ba964dc4142a17bdc78621a009f814523ba9000b37811
af2eb72d6ea544f0cf26165bdacfd53240945d437cf9ceecc8f775de4334a094
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b026d303f9cf5c28c00da0fa4d537b574556524e49fb50434e580530715c00b6
b2777b2136591370735374104618934a186d85121cf3fc7dd8cabeaa9d19ecd8
b4150e08f3f1a1ece02d3d26caaf38750d952fba1c5aac00b808cb3b71953d1d
b42989a0f2a1fb6d69e72c4f548ef2e73c4d3089d53649f5ed75e45c7b91cffb
b44178e7c512a3f5f9b5795f565518de8e91b5970a10fb0cd9a43faab4db9197
b5bc1574c1a34e5d2e43b55bd08f5e8b96e503a47aa5ca91dea2a0afe232d15d
b5f949ee17347bdfa9456e7eedd3a0445eccc8809c33b1842551eb5c5daaabd0
b6ce2750a5429b968ac4c675acacfbd7da06ddf4638fb1e73ffb0a4553b346cb
b9632701332d1418c8ce8db50cc9ba68cf5d8354b7dae761d62805283aac435c
ba0981e8fbb7b50cc19479c3f0378996698359ffa2f5d8e90bef26c85cd72a39
ba3c591c841f6937122e46742b03b77527d9a086525f96ef64a5ee952f42d28d
bd6def1ae1509946499390f95acaa1fd39a76452c8312f165d2bc0b791c9e0ef
c3ef28a4f156c353239b74328046126175c702be2d89b9a24c8527a8b53ee0e4
c8717a5a7b2fe5da16e8a80bd6977acf54577b77be875dcac744ac031d25f4d4
c91b0ef0c9235c53d5ea9a74036c5ec2f6f916c02b80dc344c8975cfab558ab8
cae9d59a10b9f1b90460a886ad511e82e195e84f6e16aff8bc100672ee3f99ed
cc5b7e9d50341b678822a5768ded2b87098a89ca6e96a453ddec9d51ca87bbe8
d14332dbfda395a1a0b849313089e74bb68cd16cce76aead3e0b70d1f99a573d
d63fa35ad0ec42110f7779d3825e3bcf079bf7fe188c7e7909494002194d694d
d67cc10d9aebad67032555fcea3f8b6302b21cbdbe1348a1b0d43be0feab2a80
d882bbd73aa836e0c9ce3c8105f0247585503ccdf6ea00bb3ac641b149e183f7
d8c237ac23e562540132de6ced5d5a5619a6ee895b0da0298bfdb6e7bbceb7b2
d9734d3878462f986f7f2361899a1eb1f31dd40331af4ce584d1fc6a56be7304
dab841e868096db0be5a45245f3b492571b1dbddb3de113ce5b89b9394a46335
daf181ab9ead5372eefb6fe5d87704d7abdbfa6c09e4c79a2a2f688c6fac5ada
dafbe218145b984233ef8a7a7b62472d5cad7aa03f066ec6c460d61d68bf5584
dbabf1b2b74046794682055598b1989a3e72e80f711bd6b1762c5688f3385a4f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd3683b4ac4218364a65840dfef8655020d51ec5acc7ac6bda41bbc727c90e66
de5ba330570616401d1840de0075059a65e62280b8d2524334be84290f43a4d7
df914f3ec658ffe02311d22885c9668082387417253b228e88f601dc3f422783
dfc519eb2d0e5ac0e8cdbe86fef355135280c643df14fa9a8e6abd5820d01159
e1ad0b4138c80c3d001287d48a3915724c963ef85787df537a8de61f906c5f8e
e21d3d8819243a6cd99c4ab2ed4e9518e3a239f76bf3e9481f318eb4153458e9
e35e7086118397db7576d4558becf44ba2749b14619e0bc716386123f0c254b8
e44186395f92ca92a743b7bfce319e95f8a16705b772ae61fc46e8c00f6842c4
e4d95c8c18f88a5e9fb28ebabb034f88f48a439bf512d0bdff78161efd302811
e60fbf0bdc14cbc9e44557e622bdd1864f5556b72b7d9f46e0f039aed2f4840a
e7a2dfad0d259b4b0a3fb9fc96b807545d991c4fa2197f1c1a7ef42eb202cf0f
eaefd1c3002cf49da68fdd41696a1f9460449dee5a2ba4946fc813eeb5c6d292
ed00ca0964cbfca3e3a28ff14ba988ead8846f695adc310f8d3ad796ffed28fb
ed891295d5d4f70182e68bb3fa450a2b0bf22cfc89286c420632639fb6fd3510
ede120ea76b43913e6b04047363d64e2990e2bd2905ebd2f84eef474239e8559
ee89844ee9b870dc8d27d57ed1f33ece7a834c665db9f8c7eec20e0d482cf1c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
efd7b1811cef4b7c13b8ae58028f93fd15f154177f1a65df59c0f2139649b9ee
f0aeeddea2ff4bf7047e8068573303ac90d47bc1476870b215ae19cb9748f929
f21de765b65c579280cb9915be3ff45c473cbae011a13a67e2a4ea4d898bf06b
f271f3bdbf331ba4b975ae28d46062968ca1623bd8306201de6b83b2b0cf3949
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4a702c61f8ad016e4d0817fd996f04ca0801b29d4980ee0ae46adf08eda7688
f51732dba5b2f97609ff8c2d180a95e0ff54d48dcf0389bf0642a2d425c2c8e8
f60c29fe691d2e86ac7912268faf0f341a4dbdb28346fa04bc4b0b13568b83c7
f65f3aeed46b79940849fa2022f2cbdf368288de9046f2b3da075c42f9dde8f6
f82ebaedaf6959f99a1b89924070884226b0e52792f63cf53082211cb1e96a54
fa34de993dea91eb0120c3745378192fa1177ba8ec5772e08632318d1d5e1267
fa80baec432350a1a335a421479336b65432f358727c89f0e414fe11fa39cd10
fb19b647849cd037331a7a017e6d5466dc90e3ba866a69ba3c3c5d512f276f13
fcd6ddff5b80b53ef5e854b70b582b1e8cc693035e6b0e668eb7c5b85dccedf7
fe85251352045b1d73418f58468a6aa1344866115e8c3a3a67a9b65168aa4350
ffa31f5802b20d64a10c71ad93394c1e2b4b16f33e2f479d8274fd02ce0a594f

www.bromium.com Open in urlscan Pro 2a02:fe80:1010::17:8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

164 Requests

100 %HTTPS

64 %IPv6

13 Domains

15 Subdomains

12 IPs

5 Countries

1712 kBTransfer

4928 kBSize

9 Cookies

7 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bromium.com Open in urlscan Pro
2a02:fe80:1010::17:8 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

15
Subdomains

12
IPs

5
Countries

1712 kB
Transfer

4928 kB
Size

9
Cookies

164 HTTP transactions
0 data transactions