www.recordedfuture.com Open in urlscan Pro
104.20.0.126 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.recordedfuture.com/exploit-kits-delivering-malware/
Submission: On January 27 via api (January 27th 2021, 3:27:45 pm UTC) from DE

Summary HTTP 191 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 37 domains to perform 191 HTTP transactions. The main IP is 104.20.0.126, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.recordedfuture.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 9th 2018. Valid for: 2 years.

This is the only time www.recordedfuture.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 74	104.20.0.126 104.20.0.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ddcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.59.220.196 185.59.220.196	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.108.67.47 104.108.67.47	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	13.224.194.79 13.224.194.79	16509 (AMAZON-02) (AMAZON-02)
18	89.187.169.26 89.187.169.26	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.7.129 65.9.7.129	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	23.21.252.4 23.21.252.4	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.197.143.221 54.197.143.221	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.94.67 143.204.94.67	16509 (AMAZON-02) (AMAZON-02)
2 2	54.228.192.197 54.228.192.197	16509 (AMAZON-02) (AMAZON-02)
1 2	13.225.80.54 13.225.80.54	16509 (AMAZON-02) (AMAZON-02)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
13	52.38.14.212 52.38.14.212	16509 (AMAZON-02) (AMAZON-02)
4	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
3	185.59.220.197 185.59.220.197	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
191	45

74 104.20.0.126 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ddcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.196 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-196.datapacket.com

cdn.materialdesignicons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.110.153 (United States)

ASN54113 (FASTLY, US)

kenwheeler.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.67.47 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-67-47.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.194.79 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-79.fra2.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 89.187.169.26 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-26.cdn77.com

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:58e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.53 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.252.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.143.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-143-221.compute-1.amazonaws.com

js.driftqa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-67.fra50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.192.197 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.80.54 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-54.fra2.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.38.14.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-14-212.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.60.103.254 (Canada)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.59.220.197 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

media.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	recordedfuture.com 1 redirects www.recordedfuture.com go.recordedfuture.com	9 MB
34	sumo.com load.sumo.com sumo.com media.sumo.com	640 KB
9	hubspot.com no-cache.hubspot.com cta-service-cms2.hubspot.com track.hubspot.com	170 KB
8	google-analytics.com ssl.google-analytics.com www.google-analytics.com	71 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	google.com www.google.com clients6.google.com	766 B
4	facebook.com www.facebook.com graph.facebook.com api.facebook.com	2 KB
4	6sc.co j.6sc.co c.6sc.co b.6sc.co	8 KB
3	google.de www.google.de	766 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	twitter.com 1 redirects platform.twitter.com analytics.twitter.com	1 KB
3	driftt.com js.driftt.com	81 KB
3	facebook.net connect.facebook.net	93 KB
3	googletagmanager.com www.googletagmanager.com	130 KB
2	nr-data.net bam.nr-data.net	464 B
2	t.co t.co	572 B
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	ads-twitter.com static.ads-twitter.com	4 KB
2	cloudflare.com cdnjs.cloudflare.com	5 KB
2	materialdesignicons.com cdn.materialdesignicons.com	212 KB
2	unpkg.com 1 redirects unpkg.com	5 KB
1	newrelic.com js-agent.newrelic.com	11 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	rlcdn.com id.rlcdn.com	66 B
1	driftqa.com js.driftqa.com	21 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	ipify.org api.ipify.org	215 B
1	hs-banner.com js.hs-banner.com	14 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	adnxs.com secure.adnxs.com	712 B
1	demandbase.com tag.demandbase.com	16 KB
1	licdn.com snap.licdn.com	2 KB
1	hs-scripts.com js.hs-scripts.com	845 B
1	github.io kenwheeler.github.io	1 KB
1	hscta.net js.hscta.net	4 KB
191	37

	Domain	Requested by
74	www.recordedfuture.com	1 redirects www.recordedfuture.com
18	load.sumo.com	www.recordedfuture.com load.sumo.com
13	sumo.com	load.sumo.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.recordedfuture.com
5	fonts.googleapis.com	www.recordedfuture.com
4	go.recordedfuture.com
4	cta-service-cms2.hubspot.com	js.hscta.net
3	media.sumo.com	load.sumo.com
3	track.hubspot.com
3	www.google.de	www.recordedfuture.com
3	www.google.com	www.recordedfuture.com
3	js.driftt.com	www.recordedfuture.com js.driftt.com
3	connect.facebook.net	www.recordedfuture.com connect.facebook.net
3	www.googletagmanager.com	www.recordedfuture.com www.googletagmanager.com
2	bam.nr-data.net	js-agent.newrelic.com
2	analytics.twitter.com	static.ads-twitter.com platform.twitter.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	t.co	www.recordedfuture.com
2	segments.company-target.com	1 redirects www.recordedfuture.com
2	match.prod.bidr.io	2 redirects
2	www.facebook.com	www.recordedfuture.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.recordedfuture.com
2	b.6sc.co	www.recordedfuture.com
2	ssl.google-analytics.com	www.recordedfuture.com
2	static.ads-twitter.com	www.googletagmanager.com www.recordedfuture.com
2	cdnjs.cloudflare.com	www.recordedfuture.com
2	cdn.materialdesignicons.com	www.recordedfuture.com cdn.materialdesignicons.com
2	unpkg.com	1 redirects www.recordedfuture.com
2	no-cache.hubspot.com	www.recordedfuture.com
1	api.facebook.com	load.sumo.com
1	graph.facebook.com	load.sumo.com
1	clients6.google.com	load.sumo.com
1	js-agent.newrelic.com	www.recordedfuture.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	id.rlcdn.com	www.recordedfuture.com
1	api.company-target.com	tag.demandbase.com
1	js.driftqa.com	www.recordedfuture.com
1	www.linkedin.com	1 redirects
1	platform.twitter.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	api.ipify.org	www.googletagmanager.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	secure.adnxs.com	j.6sc.co
1	c.6sc.co	j.6sc.co
1	tag.demandbase.com	www.recordedfuture.com
1	snap.licdn.com	www.recordedfuture.com
1	j.6sc.co	www.recordedfuture.com
1	js.hs-scripts.com	www.recordedfuture.com
1	kenwheeler.github.io	www.recordedfuture.com
1	js.hscta.net	www.recordedfuture.com
191	52

This site contains links to these domains. Also see Links.

Domain
support.recordedfuture.com
app.recordedfuture.com
go.recordedfuture.com
aws.amazon.com
recfut.force.com
fidelissecurity.com
blog.trendmicro.com
www.zdnet.com
blog.malwarebytes.com
www.mcafee.com
www.trendmicro.com
uk.reuters.com
unit42.paloaltonetworks.com
securityaffairs.co
securityboulevard.com
research.checkpoint.com
www.adobe.com
www.rand.org
id.recordedfuture.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.recordedfuture.com DigiCert SHA2 Secure Server CA	`2018-11-09` - `2021-02-11`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
cdn.materialdesignicons.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-03` - `2021-06-02`	2 years	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2020-01-07` - `2021-04-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
driftqa.com Amazon	`2020-06-18` - `2021-07-18`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-28` - `2021-05-07`	4 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
media.sumo.com R3	`2021-01-04` - `2021-04-04`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Frame ID: 5A50A17C9AA7F90ADE6AC12E50B23104
Requests: 197 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=76bfd8dd-79df-4221-859d-f63174282ab2&sessionStarted=1611761248&campaignRefreshToken=d92d5b38-cda4-4594-9042-79732cfc521d&pageLoadStartTime=1611761247537
Frame ID: F9F750551B67065D1E8ACEFBA4860B3A
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat
Frame ID: EED26CBB963CC066B5B84EB8C128C754
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.recordedfuture.com/exploit-kits-delivering-malware HTTP 301
https://www.recordedfuture.com/exploit-kits-delivering-malware/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

191
Requests

99 %
HTTPS

51 %
IPv6

37
Domains

52
Subdomains

45
IPs

7
Countries

11245 kB
Transfer

18336 kB
Size

24
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: http://support.recordedfuture.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://app.recordedfuture.com/live/login/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/demo
Title: Get a Demo

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/marketplace/seller-profile?id=0e798044-1f43-48fa-8621-cf2207e7e204
Title: Learn More

Search URL Search Domain Scan URL

URL: https://recfut.force.com/partnerportal
Title: Partner Portal Log In

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/hubfs/reports/cta-2020-1210.pdf
Title: Click here

Search URL Search Domain Scan URL

URL: https://fidelissecurity.com/threatgeek/threat-intelligence/revisiting-exploit-kits-old-vulnerabilities/
Title: seen

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/angler-shift-ek-landscape-new-crytpo-ransomware-activity/
Title: arrest

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/chrome-86-released-with-password-related-security-improvements/
Title: browser security

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/social-engineering/2020/09/malvertising-campaigns-come-back-in-full-swing/
Title: September 2020

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/enterprise/en-us/threat-center/threat-landscape-dashboard/exploit-kits-details.fallout-exploit-kit.html
Title: associated

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_us/research/19/k/new-exploit-kit-capesand-reuses-old-and-new-public-exploits-and-tools-blockchain-ruse.html
Title: observed

Search URL Search Domain Scan URL

URL: https://uk.reuters.com/article/uk-russia-cyber-arrests-idUKKCN0YN42R
Title: suspected

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/unit42-decline-rig-exploit-kit/
Title: favored

Search URL Search Domain Scan URL

URL: https://securityaffairs.co/wordpress/93577/malware/capesand-exploit-kit.html
Title: appears

Search URL Search Domain Scan URL

URL: https://securityboulevard.com/2019/11/maze-ransomware-exploiting-exploit-kits/
Title: dropper

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2020/graphology-of-an-exploit-volodya/
Title: Checkpoint

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/hubfs/reports/cta-2018-0327.pdf
Title: seven of the top 10 vulnerabilities

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/ransomware-operators-buy-network-access-from-the-underground-to-speed-up-infection/#ftag=RSSbaffb68
Title: purchasing

Search URL Search Domain Scan URL

URL: https://www.adobe.com/products/flashplayer/end-of-life.html
Title: discontinuing support

Search URL Search Domain Scan URL

URL: https://www.rand.org/content/dam/rand/pubs/research_reports/RR1700/RR1751/RAND_RR1751.pdf
Title: report

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/cs/c/?cta_guid=bfb042c4-2edc-4f3e-b748-d104f601ac33&signature=AAH58kGGC6fATeFKpBiGiMfBlE2I4EPoxA&placement_guid=9210833d-34a7-4597-ade0-03e16dcbc24c&click=8e59c60d-9417-4e29-b75a-360f15ba905c&hsutk=06d14af4ff51bb153f0ab662870af7c6&canon=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&portal_id=252628&redirect_url=APefjpEtgvGyhIi-s6WMPOeMzXDGvtfgYH9fMQ3eD7XcWTLFjRL25swqaiGCLdkmoOgzGTBC9_zpEgtBVkWDpnFzPiMNXqPSjdq79d7gT99BR1Nt1Nusp81G-34ZTPNFwgYINUeM5SFfHhzVWuBqENEezX74zXO4MsKsKR6NLxgPzOow2xE3qsRXU-8vPu3Gug_B8Nu5ezYGwBkHuZHPqloW0eflMLoio--uvDep3enrVsk3g-KFuKNAG6okfT8-rNvCuyqC8hGmTu7x27xzBp0XOALQ_efDGQ&__hstc=57501621.06d14af4ff51bb153f0ab662870af7c6.1611761248788.1611761248788.1611761248788.1&__hssc=57501621.1.1611761248789&__hsfp=2978788718
Title:

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/cs/c/?cta_guid=2e21fef8-db34-4568-83d3-81489939d16f&signature=AAH58kFCTApyCYdkBAKWiPoIefUwuPyINw&placement_guid=a7fb8b5c-b14d-4030-a76d-26dbc96ab43b&click=7915adf4-22fd-4373-a371-0d416871d413&hsutk=06d14af4ff51bb153f0ab662870af7c6&canon=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&portal_id=252628&redirect_url=APefjpHIJ620YfeONxm6ERgynGKUNwD_pRXGZZS0zkPoPIJsVwjyNIeZ8gc9YVrVXCczPemceTvsealGX2NxxPpTre93ckaNaRwTfSKrXiFZ00osvXQ3oG2C46RRZe5jXzKngNMVg9GjUL9rApOwon1x3f0IX9DO4JC8KI6i4C68zJb-8A4jfXh3dPYRsYE2ic5XaQTN66u2LXbwF3VjcPgQqJ4pidTENjK_VSh70Z2ldF9sGHWesx35i4iiFSkEHNDGyE_E_gXnIV4_DKnegZbQwy1WImq44w&__hstc=57501621.06d14af4ff51bb153f0ab662870af7c6.1611761248788.1611761248788.1611761248788.1&__hssc=57501621.1.1611761248789&__hsfp=2978788718
Title:

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/cyber-daily
Title: Cyber Daily

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/book
Title: Handbook

Search URL Search Domain Scan URL

URL: https://id.recordedfuture.com/login?request_id=eyJpZCI6IjI3OTY0N2RhLWRmNDctNDJmNC1hM2FjLTM5MTM3NTQ1MmQ1NiIsImNsaWVudF9pZCI6InBvcnRhbCIsInJlc3BvbnNlX3R5cGUiOlsiY29kZSJdLCJzdGF0ZSI6IjZ3MUszdFlwNEhaNSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYXBwLnJlY29yZGVkZnV0dXJlLmNvbS9yZi9hcGkvdjEvbG9naW5fY2FsbGJhY2siLCJzY29wZSI6WyJlbWFpbCIsIm9wZW5pZCJdfQ==
Title: Sign In

Search URL Search Domain Scan URL

URL: https://support.recordedfuture.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RecordedFuture
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/RecordedFuture
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/recordedfuture/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/recorded-future/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/RecordedFuture
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.recordedfuture.com/exploit-kits-delivering-malware HTTP 301
https://www.recordedfuture.com/exploit-kits-delivering-malware/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://unpkg.com/aos@2.3.1/dist/aos.js?ver=3.4.8 HTTP 302
https://unpkg.com/aos@2.3.1/dist/aos.js

Request Chain 111

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 113

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1611761248022&url=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D26800%26time%3D1611761248022%26url%3Dhttps%253A%252F%252Fwww.recordedfuture.com%252Fexploit-kits-delivering-malware%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1611761248022&url=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&liSync=true

Request Chain 121

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAGbWU7AIw0AABAlMW22yA HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGbWU7AIw0AABAlMW22yA&verifyHash=cd83cd0c45dfc347cebfa50497c72197601da3e3

191 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.recordedfuture.com/exploit-kits-delivering-malware/
Redirect Chain

https://www.recordedfuture.com/exploit-kits-delivering-malware
https://www.recordedfuture.com/exploit-kits-delivering-malware/

116 KB
32 KB

815ms
815ms

Document
text/html

104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

201c69ecbe44d71302ad988e497e3537252acc7e3d102b195edf2773e2c7c7f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recordedfuture.com
:scheme: https
:path: /exploit-kits-delivering-malware/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dd2cac7ba2ae784b43e6f3e59be17f7561611761245
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=60
link: <https://www.recordedfuture.com/wp-json/>; rel="https://api.w.org/" <https://www.recordedfuture.com/?p=53276>; rel=shortlink
referrer-policy: strict-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-9gdlz
x-styx-req-id: 29646178-60b4-11eb-92e5-d2fceed8a73f
x-xss-protection: 1; mode=block
x-served-by: cache-mdw17376-MDW, cache-wdc5540-WDC
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1611761247.961021,VS0,VE399
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
cf-cache-status: EXPIRED
cf-request-id: 07e60df99f00000b3fc5a55000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 61837f6f6ff50b3f-AMS
content-encoding: gzip

Redirect headers

date: Wed, 27 Jan 2021 15:27:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dd2cac7ba2ae784b43e6f3e59be17f7561611761245; expires=Fri, 26-Feb-21 15:27:25 GMT; path=/; domain=.recordedfuture.com; HttpOnly; SameSite=Lax; Secure
cache-control: public, max-age=60
location: https://www.recordedfuture.com/exploit-kits-delivering-malware/
referrer-policy: strict-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-9gdlz
x-redirect-by: Polylang Pro
x-styx-req-id: 2900d60a-60b4-11eb-92e5-d2fceed8a73f
x-xss-protection: 1; mode=block
x-served-by: cache-mdw17350-MDW, cache-dca17766-DCA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1611761246.306618,VS0,VE249
vary: Cookie, Cookie, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
cf-request-id: 07e60df6f600000b3f9cad5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 61837f6b2d760b3f-AMS

GET
H2 200 materialize.css
www.recordedfuture.com/wp-content/themes/recorded-future-2019/css/ 146 KB
29 KB 33ms
28ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/css/materialize.css

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c142f741438550d5cad8e88b6b2952f8f256efda416f35e5a84dd2f6066144d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-5s222
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 29052
cf-request-id: 07e60dfd2800000b3f0cb38000000001
x-served-by: cache-mdw17359-MDW, cache-bwi5057-BWI
last-modified: Wed, 13 Jan 2021 18:33:20 GMT
server: cloudflare
x-timer: S1611754621.635983,VS0,VE1
etag: W/"5fff3cf0-2491e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jan 2022 09:46:08 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f750eb90b3f-AMS
x-styx-req-id: 53fbd561-564d-11eb-8b5e-ae7424a480af
x-cache-hits: 0, 1

GET
H2 200 alternative-loader.js Show response
www.recordedfuture.com/wp-content/plugins/nelio-ab-testing/assets/dist/js/ 6 KB
3 KB 55ms
49ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/nelio-ab-testing/assets/dist/js/alternative-loader.js?version=f41af00f7d4e4bb18264764fc7bb20e7

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af807e6648c8beb1c42c4a15706766cc424d646f0e128ea5650050b79e8477f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-5f59cdbc95-vrhjs
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 2453
cf-request-id: 07e60dfd2b00000b3fa985f000000001
x-served-by: cache-mdw17320-MDW, cache-dca17772-DCA
last-modified: Thu, 21 Jan 2021 17:42:41 GMT
server: cloudflare
x-timer: S1611754620.269018,VS0,VE0
etag: W/"6009bd11-1792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 23 Jan 2022 08:02:33 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f751ed20b3f-AMS
x-styx-req-id: 2e893cf7-5c88-11eb-8f39-e26dfa30139d
x-cache-hits: 0, 2

GET
H2 200 style.min.css
www.recordedfuture.com/wp-includes/css/dist/block-library/ 52 KB
10 KB 53ms
48ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-drwwb
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 9524
cf-request-id: 07e60dfd2800000b3f9a207000000001
x-served-by: cache-mdw17349-MDW, cache-bwi5035-BWI
last-modified: Mon, 28 Dec 2020 02:08:03 GMT
server: cloudflare
x-timer: S1611754620.302592,VS0,VE1
etag: W/"5fe93e03-d159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Wed, 29 Dec 2021 08:47:27 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f750ebc0b3f-AMS
x-styx-req-id: 50276865-48e9-11eb-8e6e-de706da08df1
x-cache-hits: 0, 1

GET
H2 200 blocks.style.build.css
www.recordedfuture.com/wp-content/plugins/cool-timeline-pro/gutenberg-instant-builder/dist/ 11 KB
2 KB 32ms
27ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/cool-timeline-pro/gutenberg-instant-builder/dist/blocks.style.build.css?ver=5.4.2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c60328c2a2fba270c2fc603e556bb6eb41d10cecac5941dfe54e0c071472cc78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-6df6f6f65f-km7b7
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1813
cf-request-id: 07e60dfd2900000b3fdf29d000000001
x-served-by: cache-mdw17376-MDW, cache-dca17758-DCA
last-modified: Wed, 20 Jan 2021 18:35:15 GMT
server: cloudflare
x-timer: S1611754620.269283,VS0,VE1
etag: W/"600877e3-2d20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 22 Jan 2022 12:55:44 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f750ebf0b3f-AMS
x-styx-req-id: f9597041-5be7-11eb-b395-0a101e2d07c1
x-cache-hits: 1, 1

GET
H2 200 svgs-attachment.css
www.recordedfuture.com/wp-content/plugins/svg-support/css/ 222 B
445 B 51ms
47ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/svg-support/css/svgs-attachment.css?ver=5.4.2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756df835cdc3e6d51abfaa6f2cd0d48a3430e2bcc2c12566e06dc79f3ba4ff74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-5f59cdbc95-7b7x6
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 112
cf-request-id: 07e60dfd2900000b3fd5005000000001
x-served-by: cache-mdw17383-MDW, cache-wdc5577-WDC
last-modified: Wed, 20 Jan 2021 17:53:57 GMT
server: cloudflare
x-timer: S1611754620.325281,VS0,VE1
etag: W/"60086e35-de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 22 Jan 2022 09:32:56 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f750ec00b3f-AMS
x-styx-req-id: a4ef6a62-5bcb-11eb-a9e4-8ec5d045e8a3
x-cache-hits: 0, 1

GET
H2 200 dashicons.min.css
www.recordedfuture.com/wp-includes/css/ 46 KB
29 KB 39ms
35ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/css/dashicons.min.css?ver=5.4.2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-tdrfr
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 29797
cf-request-id: 07e60dfd2900000b3f9f1ce000000001
x-served-by: cache-mdw17377-MDW, cache-dca17721-DCA
last-modified: Tue, 19 Jan 2021 02:40:43 GMT
server: cloudflare
x-timer: S1611754620.276958,VS0,VE1
etag: W/"600646ab-b9c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Thu, 20 Jan 2022 11:16:23 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f750ec30b3f-AMS
x-styx-req-id: c39310b5-5a47-11eb-be52-4e7a1b5dcd75
x-cache-hits: 0, 1

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 37ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&ver=5.4.2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 14:15:05 GMT
server: ESF
date: Wed, 27 Jan 2021 15:27:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Jan 2021 15:27:27 GMT

GET
H2 200 genericons.css
www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/ 27 KB
17 KB 48ms
44ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=1.9

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-txvv9
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 16752
cf-request-id: 07e60dfd2a00000b3fb10f8000000001
x-served-by: cache-mdw17380-MDW, cache-dca17736-DCA
last-modified: Mon, 11 Jan 2021 20:41:31 GMT
server: cloudflare
x-timer: S1611754620.274021,VS0,VE1
etag: W/"5ffcb7fb-6b84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Thu, 13 Jan 2022 09:26:31 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f750ec50b3f-AMS
x-styx-req-id: 419caac8-54b8-11eb-b783-cee90cf511ec
x-cache-hits: 0, 1

GET
H2 200 font-awesome.min.css
www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/fontawesome/css/ 30 KB
8 KB 53ms
50ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=1.9

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-bnv7w
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 7949
cf-request-id: 07e60dfd2a00000b3ffbbd0000000001
x-served-by: cache-mdw17335-MDW, cache-dca17725-DCA
last-modified: Sun, 17 Jan 2021 15:39:10 GMT
server: cloudflare
x-timer: S1611754620.323575,VS0,VE1
etag: W/"60045a1e-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Wed, 19 Jan 2022 13:49:09 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f750ec70b3f-AMS
x-styx-req-id: f0b27af0-5993-11eb-99a7-12651cbb9a62
x-cache-hits: 0, 1

GET
H2 200 all.min.css
www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/ 51 KB
12 KB 27ms
24ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=1.9

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84decc00a588d65b9c7ae58a79d11fa6eb4a1ae0330a0e78097ef88599482168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-drwwb
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 12389
cf-request-id: 07e60dfd2a00000b3fd435a000000001
x-served-by: cache-mdw17326-MDW, cache-bwi5077-BWI
last-modified: Thu, 07 Jan 2021 15:58:15 GMT
server: cloudflare
x-timer: S1611754621.678225,VS0,VE1
etag: W/"5ff72f97-ca00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sun, 09 Jan 2022 10:33:07 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f750eca0b3f-AMS
x-styx-req-id: e5cd5d23-519c-11eb-8e6e-de706da08df1
x-cache-hits: 0, 1

GET
H2 200 style.css
www.recordedfuture.com/wp-content/themes/recorded-future-2019/ 610 KB
82 KB 53ms
51ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc2c9a085383dfcf93ae2a711197cc7d4fd8526e0a55226b508045c9b7d51334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-t8j9v
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 83068
cf-request-id: 07e60dfd2b00000b3fa30f8000000001
x-served-by: cache-mdw17376-MDW, cache-wdc5527-WDC
last-modified: Mon, 25 Jan 2021 18:53:46 GMT
server: cloudflare
x-timer: S1611754621.634066,VS0,VE1
etag: W/"600f13ba-9871b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:51 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f750ecc0b3f-AMS
x-styx-req-id: aa091be8-5f3e-11eb-a045-02addd005e92
x-cache-hits: 1, 1

GET
H2 200 main.js Show response
www.recordedfuture.com/wp-content/plugins/nelio-ab-testing/assets/dist/js/ 20 KB
7 KB 47ms
28ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/nelio-ab-testing/assets/dist/js/main.js?ver=8c8c61d8a6f09c115125a51a682a335b

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3deea8f0b9998aed490ae3243ef52212af53465e0b302936d7288ab407a1902b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-6df6f6f65f-6msrp
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 7227
cf-request-id: 07e60dfdbe00000b3f99adf000000001
x-served-by: cache-mdw17347-MDW, cache-bwi5046-BWI
last-modified: Wed, 20 Jan 2021 17:53:57 GMT
server: cloudflare
x-timer: S1611754620.279256,VS0,VE1
etag: W/"60086e35-5150"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 22 Jan 2022 07:40:44 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8f30b3f-AMS
x-styx-req-id: f835ee55-5bbb-11eb-bdbb-fe0038e04dd7
x-cache-hits: 1, 1

GET
H2 200 jquery.js Show response
www.recordedfuture.com/wp-includes/js/jquery/ 95 KB
39 KB 64ms
61ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-5s222
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 39399
cf-request-id: 07e60dfd3600000b3fa9860000000001
x-served-by: cache-mdw17349-MDW, cache-bwi5051-BWI
last-modified: Wed, 30 Dec 2020 08:00:07 GMT
server: cloudflare
x-timer: S1611754620.284252,VS0,VE1
etag: W/"5fec3387-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 01 Jan 2022 04:18:06 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f752ef60b3f-AMS
x-styx-req-id: 2ea5adbb-4b1f-11eb-8b5e-ae7424a480af
x-cache-hits: 1, 1

GET
H2 200 jquery-migrate.min.js Show response
www.recordedfuture.com/wp-includes/js/jquery/ 10 KB
5 KB 44ms
25ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-m8bwl
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 4306
cf-request-id: 07e60dfdbe00000b3fb68f3000000001
x-served-by: cache-mdw17324-MDW, cache-dca17728-DCA
last-modified: Thu, 14 Jan 2021 19:41:58 GMT
server: cloudflare
x-timer: S1611754620.318118,VS0,VE1
etag: W/"60009e86-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 16 Jan 2022 07:00:04 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8f40b3f-AMS
x-styx-req-id: 4b7708a8-56ff-11eb-9f72-a65c33fe9e05
x-cache-hits: 0, 1

GET
H2 200 rf-logo-2020-1.png
www.recordedfuture.com/wp-content/uploads/ 4 KB
4 KB 44ms
26ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/rf-logo-2020-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0940efb55fa2f1deb76f9261931ac680e0fc2429e1073e2bafaadc7a32bab6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-bnv7w
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4016
cf-request-id: 07e60dfdbe00000b3fd3bb0000000001
x-served-by: cache-mdw17366-MDW, cache-bwi5023-BWI
last-modified: Fri, 03 Jul 2020 11:31:31 GMT
server: cloudflare
x-timer: S1611754620.318184,VS0,VE1
etag: "5eff1713-fb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 705f037e-3cbc-11eb-8d5f-12651cbb9a62
expires: Mon, 13 Dec 2021 20:56:00 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8f50b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 logo-primary-black-2020.svg
www.recordedfuture.com/wp-content/uploads/ 5 KB
2 KB 43ms
24ms Image
image/svg+xml 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/logo-primary-black-2020.svg

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40bcd63ab74f4ab4d6976033797595ea693379a4186ba951e8059d8f2b63c7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-6df6f6f65f-km7b7
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1879
cf-request-id: 07e60dfdbe00000b3f150f7000000001
x-served-by: cache-mdw17332-MDW, cache-wdc5582-WDC
access-control-allow-origin: *
last-modified: Tue, 11 Aug 2020 17:58:16 GMT
server: cloudflare
x-timer: S1611754620.312248,VS0,VE1
etag: W/"5f32dc38-141a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
expires: Sat, 22 Jan 2022 10:10:52 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8f60b3f-AMS
x-styx-req-id: f12c7264-5bd0-11eb-b395-0a101e2d07c1
x-cache-hits: 0, 1

GET
H2 200 menu-aws-1.png
www.recordedfuture.com/wp-content/uploads/ 7 KB
7 KB 46ms
28ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/menu-aws-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b44433b6d777aed38ed9359c5453bba1fb62c181f99f060b94cc58e457457d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 6793
cf-request-id: 07e60dfdbe00000b3fc2203000000001
x-served-by: cache-mdw17380-MDW, cache-dca17720-DCA
last-modified: Thu, 16 Jul 2020 14:51:53 GMT
server: cloudflare
x-timer: S1611754620.279557,VS0,VE1
etag: "5f106989-1a89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: b3fbb5c8-5641-11eb-abf7-1a504ac55431
expires: Sat, 15 Jan 2022 08:22:55 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8f70b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 solution-menu-2.png
www.recordedfuture.com/wp-content/uploads/ 42 KB
42 KB 44ms
26ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/solution-menu-2.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cc82f513588a417cfb181cd5b2329432cc3b2bb9d1f056e432838a036851aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-cp5zk
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 42837
cf-request-id: 07e60dfdbe00000b3fc5ac0000000001
x-served-by: cache-mdw17335-MDW, cache-bwi5024-BWI
last-modified: Wed, 02 Sep 2020 14:38:31 GMT
server: cloudflare
x-timer: S1611754620.320677,VS0,VE1
etag: "5f4fae67-a755"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: c4053b52-411f-11eb-8a62-d6342341302a
expires: Sun, 19 Dec 2021 10:57:05 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8f90b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 insikt-group-logo-updated-3.png
www.recordedfuture.com/assets/ 32 KB
33 KB 58ms
41ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/insikt-group-logo-updated-3.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8fdd6c9e3e4037c2acc14556eaec13ae56b6812c43ffc61c667a347ce3ea3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5415
x-pantheon-styx-hostname: styx-fe2-b-5f59cdbc95-zpmkp
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 33273
cf-request-id: 07e60dfdbe00000b3f10090000000001
x-served-by: cache-mdw17332-MDW, cache-bwi5079-BWI
last-modified: Thu, 16 Jul 2020 14:01:06 GMT
server: cloudflare
x-timer: S1611755832.028710,VS0,VE1
etag: "5f105da2-81f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f948c6be-5bdb-11eb-9f30-2a3281bfa32e
expires: Sat, 22 Jan 2022 11:29:50 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8fa0b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 exploit-kits-delivering-malware-1-1.png
www.recordedfuture.com/assets/ 33 KB
34 KB 492ms
475ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-1-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12792810e14458db7277846f29ccaa68bfd813bc1532acd6ea4ccfd0ab2fc539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 34178
cf-request-id: 07e60dfdbf00000b3f1317f000000001
x-served-by: cache-mdw17325-MDW, cache-wdc5560-WDC
last-modified: Mon, 07 Dec 2020 15:48:17 GMT
server: cloudflare
x-timer: S1611761248.000673,VS0,VE1
etag: "5fce4ec1-8582"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 4437d916-4052-11eb-a295-1a504ac55431
expires: Sat, 18 Dec 2021 10:26:04 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8fc0b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 exploit-kits-delivering-malware-2-1.png
www.recordedfuture.com/assets/ 131 KB
131 KB 722ms
705ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-2-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c673975b162d9f1e9568bf7ce27dc1fb7c3c81f055c052c230a5b7586f873fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-m8bwl
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 134185
cf-request-id: 07e60dfdbf00000b3fea17c000000001
x-served-by: cache-mdw17345-MDW, cache-bwi5046-BWI
last-modified: Mon, 07 Dec 2020 15:49:43 GMT
server: cloudflare
x-timer: S1611761248.030560,VS0,VE14
etag: "5fce4f17-20c29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 665b618f-568a-11eb-9f72-a65c33fe9e05
expires: Sat, 15 Jan 2022 17:03:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8fd0b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 exploit-kits-delivering-malware-3-1.png
www.recordedfuture.com/assets/ 516 KB
517 KB 564ms
547ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-3-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268ebac37d419d809ed9f19112da4f3a60c24710e849fa5c13499813e2bf2a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe2-a-6df6f6f65f-6msrp
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 528179
cf-request-id: 07e60dfdbf00000b3f9ba3b000000001
x-served-by: cache-mdw17349-MDW, cache-bwi5053-BWI
last-modified: Mon, 07 Dec 2020 15:54:51 GMT
server: cloudflare
x-timer: S1611761248.986979,VS0,VE1
etag: "5fce504b-80f33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 08e7881f-5bdd-11eb-bdbb-fe0038e04dd7
expires: Sat, 22 Jan 2022 11:37:26 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8fe0b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 exploit-kits-delivering-malware-4-1.png
www.recordedfuture.com/assets/ 435 KB
436 KB 579ms
562ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-4-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be71c62688db7e5151d1761c79dcd53d442217130b8c0055879391368affa7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-9gdlz
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 445638
cf-request-id: 07e60dfdbf00000b3feaae1000000001
x-served-by: cache-mdw17347-MDW, cache-dca17741-DCA
last-modified: Mon, 07 Dec 2020 15:56:26 GMT
server: cloudflare
x-timer: S1611761248.003311,VS0,VE1
etag: "5fce50aa-6ccc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: ab96a522-5f6c-11eb-92e5-d2fceed8a73f
expires: Thu, 27 Jan 2022 00:23:10 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f9010b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 exploit-kits-delivering-malware-5-1.png
www.recordedfuture.com/assets/ 3 MB
3 MB 572ms
555ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-5-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cba98ac99011f651af26cfd923aaa2e6da848c56a3578eb7a8c3d06d42ec12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-6qt8p
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2950661
cf-request-id: 07e60dfdc000000b3f9f1dd000000001
x-served-by: cache-mdw17349-MDW, cache-dca17763-DCA
last-modified: Mon, 07 Dec 2020 16:00:24 GMT
server: cloudflare
x-timer: S1611761248.983790,VS0,VE7
etag: "5fce5198-2d0605"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 53076090-5f2c-11eb-878d-9255484cb499
expires: Wed, 26 Jan 2022 16:42:34 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f9020b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 exploit-kits-delivering-malware-6-1.png
www.recordedfuture.com/assets/ 377 KB
378 KB 611ms
595ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-6-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0857d4f4f1bcb1b6ab880dd88a7c90775ad99bcd6a3cbdda5f0c47910d784d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-8bxbv
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 385969
cf-request-id: 07e60dfdbf00000b3ff195e000000001
x-served-by: cache-mdw17342-MDW, cache-dca17749-DCA
last-modified: Mon, 07 Dec 2020 16:01:33 GMT
server: cloudflare
x-timer: S1611761248.016506,VS0,VE3
etag: "5fce51dd-5e3b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 53012d58-5f2c-11eb-9271-7ed61188a04a
expires: Wed, 26 Jan 2022 16:42:34 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f9040b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 exploit-kits-delivering-malware-7-1.png
www.recordedfuture.com/assets/ 2 MB
2 MB 613ms
597ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-7-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb56f5fd1a0b7de8b7344bcaaf0e5c88001ebbf9c89ab9f8f27fced8ddd88b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-2l2xx
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2014535
cf-request-id: 07e60dfdbf00000b3fc8a56000000001
x-served-by: cache-mdw17333-MDW, cache-dca17744-DCA
last-modified: Mon, 07 Dec 2020 16:03:17 GMT
server: cloudflare
x-timer: S1611761248.017530,VS0,VE6
etag: "5fce5245-1ebd47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: aba6cd50-5f6c-11eb-a751-927f9512d15d
expires: Thu, 27 Jan 2022 00:23:10 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f9050b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 exploit-kits-delivering-malware-8-1.png
www.recordedfuture.com/assets/ 185 KB
186 KB 657ms
641ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-8-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42dba42246ff1f5d2b17408a00d7c3dd5b0a959571256bfa4306534103d8b0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 189518
cf-request-id: 07e60dfdbf00000b3f9a217000000001
x-served-by: cache-mdw17340-MDW, cache-dca17754-DCA
last-modified: Mon, 07 Dec 2020 16:04:27 GMT
server: cloudflare
x-timer: S1611761248.998399,VS0,VE2
etag: "5fce528b-2e44e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: df3cde1b-5686-11eb-abf7-1a504ac55431
expires: Sat, 15 Jan 2022 16:38:03 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f9070b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 exploit-kits-delivering-malware-9-1.png
www.recordedfuture.com/assets/ 665 KB
666 KB 557ms
542ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-9-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913dc724415e29cf3bac745a67ee897c6c2d7645c0a9be1005977d5469fe8a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-pantheon-styx-hostname: styx-fe2-a-6df6f6f65f-5hmms
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 681370
cf-request-id: 07e60dfdc000000b3fa3106000000001
x-served-by: cache-mdw17335-MDW, cache-dca17748-DCA
last-modified: Mon, 07 Dec 2020 16:06:32 GMT
server: cloudflare
x-timer: S1611761248.983668,VS0,VE2
etag: "5fce5308-a659a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 09c4fd16-5bdd-11eb-9348-b6ef31d06f34
expires: Sat, 22 Jan 2022 11:37:27 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f9080b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 exploit-kits-delivering-malware-10-1.png
www.recordedfuture.com/assets/ 144 KB
144 KB 698ms
683ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-10-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a63faa208abb098d974347fa268d9022656e07323f10f590c3fc4b7072e9cd2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 147240
cf-request-id: 07e60dfdc000000b3fc4a4e000000001
x-served-by: cache-mdw17333-MDW, cache-bwi5031-BWI
last-modified: Mon, 07 Dec 2020 16:07:54 GMT
server: cloudflare
x-timer: S1611761248.021398,VS0,VE1
etag: "5fce535a-23f28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 76220dbd-566b-11eb-abf7-1a504ac55431
expires: Sat, 15 Jan 2022 13:21:50 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f9090b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 exploit-kits-delivering-malware-11-1.png
www.recordedfuture.com/assets/ 231 KB
232 KB 619ms
604ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/assets/exploit-kits-delivering-malware-11-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17e4bd740eb53089e4a6e949ee7d889cb020e9757a40177a122b25505e6c5e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-2l2xx
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 236542
cf-request-id: 07e60dfdc000000b3ff7304000000001
x-served-by: cache-mdw17340-MDW, cache-bwi5053-BWI
last-modified: Mon, 07 Dec 2020 16:10:37 GMT
server: cloudflare
x-timer: S1611761248.021797,VS0,VE1
etag: "5fce53fd-39bfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 0f5ce323-6008-11eb-a751-927f9512d15d
expires: Thu, 27 Jan 2022 18:55:29 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76090a0b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 9210833d-34a7-4597-ade0-03e16dcbc24c.png
no-cache.hubspot.com/cta/default/252628/ 125 KB
126 KB 166ms
135ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/252628/9210833d-34a7-4597-ade0-03e16dcbc24c.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e013cc5b51558d5da65677f12067d523a200d8e29243284131733340adeecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: 5293E82794CE98B2
x-amz-server-side-encryption: AES256
content-length: 127944
x-amz-id-2: 5ummUUvoHgs9uY/IUAbzTX5+LrCEEhuOYA8mz7Yd9rkO4moGds6Mnsbj2cefQsUwHi2409wa2Jw=
last-modified: Mon, 25 Jan 2021 18:45:34 GMT
server: cloudflare
etag: "0ae031cf99ef403dce134c7251b68ccb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ixrCdUileQaobqBIgTXrhGRggPJfy%2FWF0fvpWvwnsppNvi3ltDBGfMdJGu%2B%2FtBS%2F49DIPb%2FjvIhSOS6klQ52s%2BNbG8iv5gc9w9U9D8LpxBgy5RFcgCD%2BiVHlP%2B63R%2F3FeA%3D%3D"}]}
content-type: image/png
cache-control: no-cache, no-store
cf-request-id: 07e60dfdc6000005fdad8af000000001
accept-ranges: bytes
cf-ray: 61837f7609ef05fd-FRA

GET
H2 200 email-decode.min.js Show response
www.recordedfuture.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 22ms
21ms Script
application/javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 17:22:41 GMT
server: cloudflare
etag: W/"600efe61-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 61837f75a81d0b3f-AMS
vary: Accept-Encoding
cf-request-id: 07e60dfd8b00000b3f1008b000000001
expires: Fri, 29 Jan 2021 15:27:27 GMT

GET
H2 200 current.js Show response
js.hscta.net/cta/ 9 KB
4 KB 60ms
30ms Script
application/javascript 2606:4700::6811:ddcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ddcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d537c73a183af229ef7622aff821e6989b2af4aec2ec5c94b0feb880ccf9ff43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 c35f767218cbd1125d801b52fa785c8d.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 530
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.13/bundles/current.js&cfRay=618372859e3e0614-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07e60dfdb5000024886880a000000001
last-modified: Thu, 17 Dec 2020 10:02:59 UTC
server: cloudflare
etag: W/"e2b6ea57f1792d2ac9d3d00f2e4a08a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: f35WRlnM5g3wg9pH.9BpK5UaA_5BzvJ_
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 61837f75ea852488-FRA
x-amz-cf-id: tmJ6uiQtRQ8rui8w9gK6FhK87ak-ScuzpG3ni_rUPITfVMUe_qaA7Q==

GET
H2 200 a7fb8b5c-b14d-4030-a76d-26dbc96ab43b.png
no-cache.hubspot.com/cta/default/252628/ 36 KB
36 KB 208ms
177ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/252628/a7fb8b5c-b14d-4030-a76d-26dbc96ab43b.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c13ac28c11e551e0f2a5a75cde96400e92cec10f23e4c08b42e45ee694532b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: 2DB54F9AA9A3B00A
x-amz-server-side-encryption: AES256
content-length: 36409
x-amz-id-2: FZhFrwEl7kdoVjtB2BPWNJ1WHq6lEqdY32Glv0JJkWNJbG7+qRJ79CCeTDJuAEI4A8605tsyNBA=
last-modified: Tue, 19 Jan 2021 20:10:54 GMT
server: cloudflare
etag: "97e3ee11b243e4cc44d569cb4bfc06f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CvYULe%2F3W3ohhskLr7bVifMLHJMgxuwzwU7I7MPR%2BDpZrLptz9mNUkdYR9Ly%2B%2B5qJvZBRGEJWNLW%2F6skzuxKeyNvjZ1eBLZtOmOvIkMbIdLftL8n9uJ4KUEqC6oIWsVj1w%3D%3D"}]}
content-type: image/gif
cache-control: no-cache, no-store
cf-request-id: 07e60dfdc7000005fdf3198000000001
accept-ranges: bytes
cf-ray: 61837f7609f605fd-FRA

GET
H2 200 opportunism-behind-cyberattacks-during-pandemic-list.jpg
www.recordedfuture.com/wp-content/uploads/ 395 KB
396 KB 92ms
77ms Image
image/jpeg 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/opportunism-behind-cyberattacks-during-pandemic-list.jpg

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc3a64dfe1f4987255d6091e5ecdd676796677818b52335637fdf7aad592b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5415
x-pantheon-styx-hostname: styx-fe2-a-6df6f6f65f-k4xc2
x-cache: HIT, HIT
cf-bgj: h2pri
content-length: 404612
cf-request-id: 07e60dfdc000000b3fec2a5000000001
x-served-by: cache-mdw17343-MDW, cache-bwi5057-BWI
last-modified: Fri, 22 Jan 2021 14:05:29 GMT
server: cloudflare
x-timer: S1611755833.651179,VS0,VE1
etag: "600adba9-62c84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-styx-req-id: 92d08d06-5cc2-11eb-9927-22ca5cf8f54a
expires: Sun, 23 Jan 2022 15:00:32 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76090b0b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 unemployment-fraud-in-criminal-underground-list.jpg
www.recordedfuture.com/wp-content/uploads/ 363 KB
364 KB 80ms
65ms Image
image/jpeg 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/unemployment-fraud-in-criminal-underground-list.jpg

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995e86d44aea36569709e1892a20daec975c7f7fb4378739f58eb47bb3d06614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5415
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-tdrfr
x-cache: HIT, HIT
cf-bgj: h2pri
content-length: 372132
cf-request-id: 07e60dfdcb00000b3f13180000000001
x-served-by: cache-mdw17382-MDW, cache-bwi5041-BWI
last-modified: Thu, 14 Jan 2021 14:44:59 GMT
server: cloudflare
x-timer: S1611755833.654870,VS0,VE1
etag: "600058eb-5ada4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-styx-req-id: 3de8f7fe-5679-11eb-be52-4e7a1b5dcd75
expires: Sat, 15 Jan 2022 15:00:29 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76192b0b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 bulletproof-hosting-services-list.jpg
www.recordedfuture.com/wp-content/uploads/ 353 KB
354 KB 54ms
40ms Image
image/jpeg 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/bulletproof-hosting-services-list.jpg

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b47f5c4a5a1d3ed16ae84c3563754421939efc12de5d414e7f1fdabdc6429fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5415
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-cp5zk
x-cache: HIT, HIT
cf-bgj: h2pri
content-length: 361818
cf-request-id: 07e60dfdcb00000b3fd4368000000001
x-served-by: cache-mdw17352-MDW, cache-wdc5557-WDC
last-modified: Tue, 12 Jan 2021 14:17:18 GMT
server: cloudflare
x-timer: S1611755833.636427,VS0,VE3
etag: "5ffdaf6e-5855a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-styx-req-id: f547f83f-54e6-11eb-b49b-d6342341302a
expires: Thu, 13 Jan 2022 15:00:49 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619300b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 footer-logo.png
www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/ 16 KB
16 KB 54ms
40ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/footer-logo.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f972353442840a191a5f341fb188f1afd3521ee2df82f4244a5f8baff94ed6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16089
cf-request-id: 07e60dfdcb00000b3f9a218000000001
x-served-by: cache-mdw17334-MDW, cache-bwi5046-BWI
last-modified: Thu, 07 Jan 2021 15:58:41 GMT
server: cloudflare
x-timer: S1611754621.662641,VS0,VE1
etag: "5ff72fb1-3ed9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: b9d7cbb4-5193-11eb-abf7-1a504ac55431
expires: Sun, 09 Jan 2022 09:27:28 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619320b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 rf-logo-square-white-1.png
www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/ 2 KB
3 KB 56ms
42ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/rf-logo-square-white-1.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a17254417c7cf571e6b249cceea19081e5e2c079bfe78830375a5ecee085ccd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-drwwb
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2461
cf-request-id: 07e60dfdcb00000b3ffc074000000001
x-served-by: cache-mdw17346-MDW, cache-bwi5071-BWI
last-modified: Mon, 11 Jan 2021 20:42:11 GMT
server: cloudflare
x-timer: S1611754621.674503,VS0,VE1
etag: "5ffcb823-99d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 1e0e3ea3-54dc-11eb-8e6e-de706da08df1
expires: Thu, 13 Jan 2022 13:43:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619360b3f-AMS
x-cache-hits: 1, 1

GET
H2 404 twitterfeed.js
www.recordedfuture.com/wp-content/themes/recorded-future-2019/framework-customizations/extensions/shortcodes/shortcodes/twitterfeed/static/js/ 0
0 77ms
63ms Script
text/html 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/framework-customizations/extensions/shortcodes/shortcodes/twitterfeed/static/js/twitterfeed.js?ver=4.5.4

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-t8j9v
x-cache: HIT, MISS
content-encoding: gzip
vary: Accept-Encoding, Cookie, Cookie
x-xss-protection: 1; mode=block
x-served-by: cache-mdw17344-MDW, cache-bwi5071-BWI
referrer-policy: strict-origin
server: cloudflare
x-timer: S1611761183.376742,VS0,VE20
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=UTF-8
x-styx-req-id: defd7982-60b3-11eb-a045-02addd005e92
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: public, max-age=60
cf-request-id: 07e60dfdcc00000b3fac23f000000001
cf-ray: 61837f76193a0b3f-AMS
link: <https://www.recordedfuture.com/wp-json/>; rel="https://api.w.org/"
x-cache-hits: 1, 0

GET
H2 200 qppr_frontend_script.min.js Show response
www.recordedfuture.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/ 2 KB
882 B 76ms
62ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.1.9

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-6df6f6f65f-km7b7
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 568
cf-request-id: 07e60dfdcc00000b3fd9ba3000000001
x-served-by: cache-mdw17375-MDW, cache-bwi5083-BWI
last-modified: Wed, 20 Jan 2021 18:35:16 GMT
server: cloudflare
x-timer: S1611754620.338211,VS0,VE1
etag: W/"600877e4-636"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 22 Jan 2022 08:56:56 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76193c0b3f-AMS
x-styx-req-id: 9d2509f1-5bc6-11eb-b395-0a101e2d07c1
x-cache-hits: 0, 1

GET
H2 200 jquery.rwdImageMaps.min.js Show response
www.recordedfuture.com/wp-content/plugins/responsive-image-maps/ 1 KB
993 B 55ms
42ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/responsive-image-maps/jquery.rwdImageMaps.min.js?ver=1.5

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed839d9fae4a8e722e9c408c2716a6f1eb789b99ef16722cd39ff4965749d8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-tdrfr
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 661
cf-request-id: 07e60dfdcc00000b3fa5a03000000001
x-served-by: cache-mdw17370-MDW, cache-dca17742-DCA
last-modified: Mon, 11 Jan 2021 20:41:32 GMT
server: cloudflare
x-timer: S1611754620.318348,VS0,VE1
etag: W/"5ffcb7fc-45a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 13 Jan 2022 12:32:01 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76193d0b3f-AMS
x-styx-req-id: 2b55f3a1-54d2-11eb-be52-4e7a1b5dcd75
x-cache-hits: 0, 1

GET
H2

200

aos.js Show response
unpkg.com/aos@2.3.1/dist/
Redirect Chain

https://unpkg.com/aos@2.3.1/dist/aos.js?ver=3.4.8
https://unpkg.com/aos@2.3.1/dist/aos.js

14 KB
4 KB

81ms
81ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2806194
vary: Accept-Encoding
cf-request-id: 07e60dfe8f00004ac210889000000001
last-modified: Thu, 17 May 2018 22:11:13 GMT
server: cloudflare
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: d53a08a59621050916040c4849fe0278
cache-control: public, max-age=31536000
cf-ray: 61837f7749d14ac2-FRA

Redirect headers

date: Wed, 27 Jan 2021 15:27:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 64
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /aos@2.3.1/dist/aos.js
x-cloud-trace-context: b074155950eabf7d9d160564cb516802
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 61837f761cf24ac2-FRA
access-control-allow-origin: *
content-length: 44
cf-request-id: 07e60dfdcc00004ac2e21b0000000001

GET
H2 200 materialize.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 217 KB
61 KB 62ms
49ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/materialize.min.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9576157078dda9a522dad222249eeec6e639a856351b9f09451163cec1828ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-4wjcp
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 61953
cf-request-id: 07e60dfdcc00000b3fb9201000000001
x-served-by: cache-mdw17328-MDW, cache-dca17725-DCA
last-modified: Mon, 25 Jan 2021 18:53:44 GMT
server: cloudflare
x-timer: S1611754621.649138,VS0,VE1
etag: W/"600f13b8-36305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:51 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76193e0b3f-AMS
x-styx-req-id: aa8914c9-5f3e-11eb-95d9-8e98221a8e68
x-cache-hits: 0, 1

GET
H2 200 isotope.pkgd.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 89 KB
27 KB 55ms
42ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/isotope.pkgd.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

699713f69dbd2387b7c3b57204bcdc3d86d3ac350718a7ad65a5293e0d2c53eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-t8j9v
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 27654
cf-request-id: 07e60dfdcd00000b3fa9870000000001
x-served-by: cache-mdw17383-MDW, cache-dca17736-DCA
last-modified: Mon, 25 Jan 2021 18:53:42 GMT
server: cloudflare
x-timer: S1611754621.675304,VS0,VE1
etag: W/"600f13b6-16506"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:52 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76193f0b3f-AMS
x-styx-req-id: aadae449-5f3e-11eb-a045-02addd005e92
x-cache-hits: 1, 1

GET
H2 200 navigation.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 3 KB
1 KB 65ms
53ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/navigation.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-t8j9v
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1179
cf-request-id: 07e60dfdcd00000b3fc2204000000001
x-served-by: cache-mdw17382-MDW, cache-dca17727-DCA
last-modified: Mon, 25 Jan 2021 18:53:40 GMT
server: cloudflare
x-timer: S1611754621.677104,VS0,VE1
etag: W/"600f13b4-b97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:52 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619400b3f-AMS
x-styx-req-id: ab0a46f0-5f3e-11eb-a045-02addd005e92
x-cache-hits: 1, 1

GET
H2 200 skip-link-focus-fix.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 685 B
641 B 65ms
53ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/skip-link-focus-fix.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-ggkp7
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 426
cf-request-id: 07e60dfdcd00000b3fd5014000000001
x-served-by: cache-mdw17370-MDW, cache-dca17739-DCA
last-modified: Mon, 25 Jan 2021 18:53:40 GMT
server: cloudflare
x-timer: S1611754621.691524,VS0,VE1
etag: W/"600f13b4-2ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:52 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619420b3f-AMS
x-styx-req-id: ab1ea040-5f3e-11eb-98fa-0a5b6f840f34
x-cache-hits: 1, 1

GET
H2 200 util.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 3 KB
2 KB 61ms
49ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/util.min.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

773a8f6755c75e51461fb4809413075f96342df2696625580b407967292d915c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-6qt8p
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1302
cf-request-id: 07e60dfdcd00000b3fc5ac2000000001
x-served-by: cache-mdw17361-MDW, cache-dca17723-DCA
last-modified: Mon, 25 Jan 2021 18:53:42 GMT
server: cloudflare
x-timer: S1611754621.649197,VS0,VE1
etag: W/"600f13b6-d48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:52 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619430b3f-AMS
x-styx-req-id: ab31ec42-5f3e-11eb-878d-9255484cb499
x-cache-hits: 1, 1

GET
H2 200 swipe-content.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 3 KB
1 KB 82ms
70ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/swipe-content.min.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8207ade6f639887a7838b2903d39de1b3d21a327b031310555676d120e068b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-8bxbv
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 912
cf-request-id: 07e60dfdcd00000b3fe7869000000001
x-served-by: cache-mdw17374-MDW, cache-bwi5046-BWI
last-modified: Mon, 25 Jan 2021 18:53:44 GMT
server: cloudflare
x-timer: S1611754621.690210,VS0,VE0
etag: W/"600f13b8-c29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:53 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619440b3f-AMS
x-styx-req-id: ab3416d0-5f3e-11eb-9271-7ed61188a04a
x-cache-hits: 0, 2

GET
H2 200 nodelist-foreach-polyfill.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 242 B
406 B 60ms
48ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/nodelist-foreach-polyfill.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c9b373b81d6e43a3479f52231ac50d2691fd9232042514159be5866a65e40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-4h6gg
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 174
cf-request-id: 07e60dfdce00000b3fd3bb3000000001
x-served-by: cache-mdw17365-MDW, cache-bwi5023-BWI
last-modified: Mon, 25 Jan 2021 18:53:44 GMT
server: cloudflare
x-timer: S1611754621.656304,VS0,VE0
etag: W/"600f13b8-f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:53 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619450b3f-AMS
x-styx-req-id: ab34e42d-5f3e-11eb-a24c-2a90d9847436
x-cache-hits: 0, 2

GET
H2 200 smoothscroll.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 11 KB
4 KB 73ms
61ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/smoothscroll.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83e7b0edd83ba89635382f425dfdfd4e2dc0f4c43a059c41dce98cdb1048ab86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-6qt8p
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 3373
cf-request-id: 07e60dfdce00000b3fcc996000000001
x-served-by: cache-mdw17327-MDW, cache-dca17735-DCA
last-modified: Mon, 25 Jan 2021 18:53:40 GMT
server: cloudflare
x-timer: S1611754621.638169,VS0,VE1
etag: W/"600f13b4-2c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:52 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619460b3f-AMS
x-styx-req-id: ab34d2d4-5f3e-11eb-878d-9255484cb499
x-cache-hits: 1, 1

GET
H2 200 slick.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 50 KB
14 KB 59ms
48ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/slick.min.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3873a49c77ec8a26f8c7a6f60eff1c0a7884459b5f8d2fcef28ef0ce271792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-t8j9v
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 14024
cf-request-id: 07e60dfdce00000b3fec2a6000000001
x-served-by: cache-mdw17365-MDW, cache-dca17731-DCA
last-modified: Mon, 25 Jan 2021 18:53:44 GMT
server: cloudflare
x-timer: S1611754621.681415,VS0,VE0
etag: W/"600f13b8-c676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:53 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619480b3f-AMS
x-styx-req-id: ab37e3ad-5f3e-11eb-a045-02addd005e92
x-cache-hits: 0, 2

GET
H2 200 jquery.matchHeight.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 5 KB
2 KB 72ms
61ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/jquery.matchHeight.min.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

271bc594ffc1d972db7f089f567b29b1174183bcd46c672eb7775226a404a027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-t8j9v
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 1694
cf-request-id: 07e60dfdce00000b3fe81c0000000001
x-served-by: cache-mdw17368-MDW, cache-dca17738-DCA
last-modified: Mon, 25 Jan 2021 18:53:42 GMT
server: cloudflare
x-timer: S1611754621.648307,VS0,VE1
etag: W/"600f13b6-12b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:52 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76194a0b3f-AMS
x-styx-req-id: ab35711b-5f3e-11eb-a045-02addd005e92
x-cache-hits: 0, 1

GET
H2 200 jquery.tabslet.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 3 KB
2 KB 84ms
74ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/jquery.tabslet.min.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5238692ecf23970cbc3bad3899f5ad4913886cd16f0883d22fda406b3324a253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-6qt8p
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1305
cf-request-id: 07e60dfdce00000b3f988be000000001
x-served-by: cache-mdw17378-MDW, cache-wdc5544-WDC
last-modified: Mon, 25 Jan 2021 18:53:44 GMT
server: cloudflare
x-timer: S1611754621.683616,VS0,VE1
etag: W/"600f13b8-ceb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:53 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76194c0b3f-AMS
x-styx-req-id: ab36e2ef-5f3e-11eb-878d-9255484cb499
x-cache-hits: 1, 1

GET
H2 200 vendor.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 101 KB
26 KB 73ms
63ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/vendor.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

692f218144b18d4f2c28c9d8d69385106263fb3239fd0ae2b42680202941ba0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-7g26t
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 26112
cf-request-id: 07e60dfdcf00000b3ff202f000000001
x-served-by: cache-mdw17326-MDW, cache-dca17731-DCA
last-modified: Mon, 25 Jan 2021 18:53:40 GMT
server: cloudflare
x-timer: S1611754621.651582,VS0,VE1
etag: W/"600f13b4-19302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:53 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76194d0b3f-AMS
x-styx-req-id: ab39fb32-5f3e-11eb-ace0-ee78424b65bb
x-cache-hits: 0, 1

GET
H2 200 script.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 10 KB
3 KB 53ms
43ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/script.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00a9c0d47d9b0646d0d2fcb16f4c9456ecd0771e08e775e174e8c86ad1cb629a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-56484546b4-4h6gg
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 3126
cf-request-id: 07e60dfdcf00000b3fa3108000000001
x-served-by: cache-mdw17353-MDW, cache-dca17732-DCA
last-modified: Mon, 25 Jan 2021 18:53:43 GMT
server: cloudflare
x-timer: S1611754621.642278,VS0,VE1
etag: W/"600f13b7-296e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:53 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76194e0b3f-AMS
x-styx-req-id: ab362cc6-5f3e-11eb-a24c-2a90d9847436
x-cache-hits: 1, 1

GET
H2 200 IGLibrary.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 33 KB
10 KB 72ms
62ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/IGLibrary.js?ver=3.4.8

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7e6a6c895c100151dfb452658d754fba7965e3ca95359990486db344d531e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-ggkp7
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 9789
cf-request-id: 07e60dfdcf00000b3f9f1de000000001
x-served-by: cache-mdw17343-MDW, cache-dca17721-DCA
last-modified: Mon, 25 Jan 2021 18:53:44 GMT
server: cloudflare
x-timer: S1611754621.675300,VS0,VE1
etag: W/"600f13b8-853a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Wed, 26 Jan 2022 18:53:53 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76194f0b3f-AMS
x-styx-req-id: ab375a5f-5f3e-11eb-98fa-0a5b6f840f34
x-cache-hits: 1, 1

GET
H2 200 hoverIntent.min.js Show response
www.recordedfuture.com/wp-includes/js/ 1 KB
783 B 58ms
49ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5036d77bc45902a3567f499ebf981076387d71995d6fab43c9be0cd0b962b230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-5s222
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 496
cf-request-id: 07e60dfdd000000b3fa9871000000001
x-served-by: cache-mdw17333-MDW, cache-bwi5049-BWI
last-modified: Wed, 13 Jan 2021 18:33:29 GMT
server: cloudflare
x-timer: S1611754620.412007,VS0,VE1
etag: W/"5fff3cf9-46a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jan 2022 06:09:05 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619510b3f-AMS
x-styx-req-id: 01e1b89d-562f-11eb-8b5e-ae7424a480af
x-cache-hits: 1, 1

GET
H2 200 maxmegamenu.js Show response
www.recordedfuture.com/wp-content/plugins/megamenu/js/ 29 KB
6 KB 82ms
73ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8271756d5397dd04fee9e7b5e9bb25a40b32102998938539946d9a006a0ec737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 6172
cf-request-id: 07e60dfdd000000b3feaae3000000001
x-served-by: cache-mdw17362-MDW, cache-bwi5069-BWI
last-modified: Thu, 07 Jan 2021 15:58:22 GMT
server: cloudflare
x-timer: S1611754620.375117,VS0,VE1
etag: W/"5ff72f9e-7583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 09 Jan 2022 10:23:17 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619560b3f-AMS
x-styx-req-id: 85d84f4d-519b-11eb-abf7-1a504ac55431
x-cache-hits: 1, 1

GET
H2 200 public.js Show response
www.recordedfuture.com/wp-content/plugins/megamenu-pro/assets/ 20 KB
4 KB 79ms
70ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu-pro/assets/public.js?ver=1.9

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a24dc262ca6db1017f88a6f18786dbb088dce4d06f65ed2b4b43cfd8d0cc618b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 4080
cf-request-id: 07e60dfdd000000b3fd78e6000000001
x-served-by: cache-mdw17333-MDW, cache-dca17720-DCA
last-modified: Thu, 07 Jan 2021 15:58:15 GMT
server: cloudflare
x-timer: S1611754620.387460,VS0,VE1
etag: W/"5ff72f97-4f87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 09 Jan 2022 14:03:26 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619570b3f-AMS
x-styx-req-id: 471c957a-51ba-11eb-abf7-1a504ac55431
x-cache-hits: 0, 1

GET
H2 200 wp-embed.min.js Show response
www.recordedfuture.com/wp-includes/js/ 1 KB
1 KB 80ms
71ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/wp-embed.min.js?ver=5.4.2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-6df6f6f65f-5hmms
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 784
cf-request-id: 07e60dfdd000000b3fac240000000001
x-served-by: cache-mdw17382-MDW, cache-dca17722-DCA
last-modified: Wed, 20 Jan 2021 18:35:30 GMT
server: cloudflare
x-timer: S1611754620.413221,VS0,VE1
etag: W/"600877f2-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 22 Jan 2022 13:41:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76195c0b3f-AMS
x-styx-req-id: 592f7184-5bee-11eb-9348-b6ef31d06f34
x-cache-hits: 0, 1

GET
H2 200 materialdesignicons.min.css
cdn.materialdesignicons.com/3.5.95/css/ 151 KB
27 KB 110ms
32ms Stylesheet
text/css 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.materialdesignicons.com/3.5.95/css/materialdesignicons.min.css
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-196.datapacket.com
Software: BunnyCDN-DE1-565 /
Resource Hash: 81a0af4b719cd7130599920adcdb46c1baee5556a3bdac934cc13acab1da9d30

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
cdn-edgestorageid: 632, 617
access-control-allow-origin: *
cdn-cachedat: 2021-01-03 21:59:25
cdn-pullzone: 190968
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Tue, 26 Feb 2019 05:52:58 GMT
server: BunnyCDN-DE1-565
vary: Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=7776000
cdn-requestid: 8bca8b92605bee7427ce8b68a993590e
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 icon
fonts.googleapis.com/ 574 B
443 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:27:27 GMT
server: ESF
date: Wed, 27 Jan 2021 15:27:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Jan 2021 15:27:27 GMT

GET
H2 200 slick.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 2 KB
795 B 49ms
18ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.css

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 152020
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 450
cf-request-id: 07e60dfdc30000d6bd7f9f2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LemqEsq%2FdXDHiwX24nMuGvAbyeJpPxsHiF4i2OCZdrcyabWd1c6lw8pjsQyPGKGW9Crhv6WcYe727JmVqmKPWKN2wlTgKXpGN9x8UAKe%2FbnAyGzDyf%2BbEmdDqfoHoyC7mA%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61837f760b7ed6bd-FRA
expires: Mon, 17 Jan 2022 15:27:27 GMT

GET
H2 200 slick-theme.css
kenwheeler.github.io/slick/slick/ 3 KB
1 KB 70ms
18ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://kenwheeler.github.io/slick/slick/slick-theme.css
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: c923ca675c84b818f9c3be1a6b3c36b92dbaac2d
date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
age: 310
x-cache: HIT
content-length: 882
x-served-by: cache-ams21048-AMS
access-control-allow-origin: *
last-modified: Mon, 02 Jul 2018 12:58:42 GMT
server: GitHub.com
x-github-request-id: A3CE:8E85:B78AB:C736A:6008EC27
x-timer: S1611761248.709722,VS0,VE0
etag: W/"5b3a2182-c49"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 21 Jan 2021 03:01:19 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 8

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/ 57 KB
4 KB 49ms
18ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 578195
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 3541
cf-request-id: 07e60dfdc30000d6bd7b2fa000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-e283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hjJTK3cJh9jaSP4Z2f2%2B9No20dwuVx0wqREHmZyaOUcWKNi%2F%2BxCvpwrXqjRXivT75QmKQzWZ5UMTgIfX2VFYGLcrsQW37%2BxT3wUa7MfJiMLY8yzON2h4e%2BnVB6riJLIsgw%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61837f760b80d6bd-FRA
expires: Mon, 17 Jan 2022 15:27:27 GMT

GET
H2 200 lity.css
www.recordedfuture.com/wp-content/themes/recorded-future-2019/css/ 3 KB
1 KB 47ms
28ms Stylesheet
text/css 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/css/lity.css

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d7638189c7137743ac6c7644ab820c6c669fcb52a79cf8f27857ddd7bcc80f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-txvv9
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 1012
cf-request-id: 07e60dfdbd00000b3ff202d000000001
x-served-by: cache-mdw17328-MDW, cache-wdc5524-WDC
last-modified: Wed, 13 Jan 2021 18:33:14 GMT
server: cloudflare
x-timer: S1611754621.688412,VS0,VE1
etag: W/"5fff3cea-cc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jan 2022 13:40:11 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f75f8ee0b3f-AMS
x-styx-req-id: 06204eb7-566e-11eb-b783-cee90cf511ec
x-cache-hits: 0, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 50ms
24ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9153858-2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2198a2af7310236e35e29997323f246c9189ab48c2886713d2cadc4178247728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39679
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Jan 2021 15:27:27 GMT

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 728 B
845 B 47ms
23ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/252628.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb6ea628b1e8dce64046e499cbf511207790ffa4c7515396ce98e2dd9cebd8d9

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 26
cf-polished: origSize=825
cf-request-id: 07e60dfdc600004a55ea89d000000001
cf-bgj: minify
server: cloudflare
x-trace: 2BDC0A34ADB2FD13D34E9C7542522C874E6AE54C08000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 61837f760c454a55-FRA
expires: Wed, 27 Jan 2021 15:28:27 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 15 KB
7 KB 81ms
25ms Script
application/javascript 104.108.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/6si.min.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.67.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-67-47.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 779651bc146d489786b9b4ab590d2784547448e4b85cf1bb9036b31e404d1a37

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 Jan 2021 15:27:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 22:09:24 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5f6d1914-3a6c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 6116

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: MjyBGCMzwdGGnWKqu/FesEVsG5SgtIE0jgP6diI556t3hZRde7uxSKi1VC0xJpAEY9WthlSHKYOgimtR628Jzw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 27 Jan 2021 15:27:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
52 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-539N74N

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7dc2bb5610d82601a0414021553c7a2e14376f3071e63e882c40717f37c72944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52862
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Jan 2021 15:27:27 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.recordedfuture.com/wp-includes/js/ 14 KB
5 KB 85ms
76ms Script
application/x-javascript 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 5247
cf-request-id: 07e60dfdd100000b3f13182000000001
x-served-by: cache-mdw17367-MDW, cache-bwi5046-BWI
last-modified: Thu, 07 Jan 2021 15:58:21 GMT
server: cloudflare
x-timer: S1611754621.272916,VS0,VE1
etag: W/"5ff72f9d-364d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 09 Jan 2022 06:20:24 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76195f0b3f-AMS
x-styx-req-id: 97fcd2dd-5179-11eb-abf7-1a504ac55431
x-cache-hits: 1, 1

GET
H2 400 css2
fonts.googleapis.com/ 0
0 16ms
15ms Stylesheet
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Inter:100,200,300,400,500,600,700,800,900
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 mp5rtwcnz2nd.js Show response
js.driftt.com/include/1611761400000/ 285 KB
81 KB 216ms
146ms Script
application/javascript 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1611761400000/mp5rtwcnz2nd.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-79.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ea55115014c6525fbcd9a649af5fd6f6308ddead86156213d48048748813f033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: XjfM7WsiuUXmRrQibUpmUEueYIYw9.rD
content-encoding: gzip
etag: W/"189c8bea49a93fcf626000b6cfe8ca40"
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 26 Jan 2021 22:46:28 GMT
server: nginx
date: Wed, 27 Jan 2021 15:27:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LL-q-unOc01DWvWaI6uXRinTo5wEdl1CnY0piFEBap2qcycBoDssKA==

GET
DATA 200
OK truncated
/ 609 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 420 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5efce88ac7228ea159bcf7fd1cc56d73c19428394218706524bac0e9151d4c61

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 545 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 545 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fdd24bd96b3a482bc058d5c9bcfd6f1c664d91bbd47658d65ac5d852535f7fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icon-brand-protect.png
www.recordedfuture.com/wp-content/uploads/ 4 KB
4 KB 80ms
72ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-brand-protect.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c23c7b5a64271af443cbff923966e7878bdbe67654ff666c1619e991be666775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-m8bwl
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 3905
cf-request-id: 07e60dfdd400000b3f990e0000000001
x-served-by: cache-mdw17327-MDW, cache-dca17773-DCA
last-modified: Wed, 05 Feb 2020 16:09:29 GMT
server: cloudflare
x-timer: S1611754621.405726,VS0,VE1
etag: "5e3ae8b9-f41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: aa39d234-5184-11eb-9f72-a65c33fe9e05
expires: Sun, 09 Jan 2022 07:39:39 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619600b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 icon-secops.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
5 KB 71ms
64ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-secops.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a09ca406e89e7b1d3172741824df92d81eb000aa3241559c573f1bf17bc4899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-drwwb
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4735
cf-request-id: 07e60dfdd100000b3fec2a7000000001
x-served-by: cache-mdw17352-MDW, cache-bwi5063-BWI
last-modified: Wed, 05 Feb 2020 16:09:33 GMT
server: cloudflare
x-timer: S1611754621.399025,VS0,VE0
etag: "5e3ae8bd-127f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: b8952385-5653-11eb-8e6e-de706da08df1
expires: Sat, 15 Jan 2022 10:31:54 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619610b3f-AMS
x-cache-hits: 0, 2

GET
H2 200 icon-threat-intel.png
www.recordedfuture.com/wp-content/uploads/ 3 KB
3 KB 80ms
73ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-threat-intel.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f76e86c6a29453f0e15e74069a1e105af353ff07abaf5b7fdbb599e7c3263741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-a-6df6f6f65f-6msrp
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2590
cf-request-id: 07e60dfdd100000b3fbf92d000000001
x-served-by: cache-mdw17326-MDW, cache-wdc5563-WDC
last-modified: Wed, 05 Feb 2020 16:09:28 GMT
server: cloudflare
x-timer: S1611754621.402479,VS0,VE1
etag: "5e3ae8b8-a1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 67585743-5be7-11eb-bdbb-fe0038e04dd7
expires: Sat, 22 Jan 2022 12:51:39 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619630b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 icon-vuln-mgmt.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
6 KB 80ms
74ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-vuln-mgmt.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6759e1844268d4ab9f5c8a9c16c245b58c1b5cc8d8361ce751bf8902a0025293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-drwwb
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5398
cf-request-id: 07e60dfdd200000b3f99ae1000000001
x-served-by: cache-mdw17379-MDW, cache-dca17728-DCA
last-modified: Wed, 05 Feb 2020 16:09:32 GMT
server: cloudflare
x-timer: S1611754621.151492,VS0,VE1
etag: "5e3ae8bc-1516"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 47895939-54b7-11eb-8e6e-de706da08df1
expires: Thu, 13 Jan 2022 09:19:32 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619650b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 icon-third-party.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
5 KB 71ms
64ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-third-party.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7223c0b2ffaafe54a5aa7784420e711a847bde036b3e8050c319e815a4b1aa33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-tdrfr
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5241
cf-request-id: 07e60dfdd200000b3fc2205000000001
x-served-by: cache-mdw17359-MDW, cache-bwi5062-BWI
last-modified: Wed, 05 Feb 2020 16:09:31 GMT
server: cloudflare
x-timer: S1611754621.364265,VS0,VE1
etag: "5e3ae8bb-1479"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 373932f3-524b-11eb-be52-4e7a1b5dcd75
expires: Mon, 10 Jan 2022 07:20:56 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619660b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 icon-geopoli.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
5 KB 70ms
64ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-geopoli.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7915f988d90a47aff5003835c6e0255c3cb35247762ff36f005e7f94d5e8fbbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-a-86b67549cd-5s222
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4916
cf-request-id: 07e60dfdd200000b3fd5015000000001
x-served-by: cache-mdw17335-MDW, cache-bwi5020-BWI
last-modified: Wed, 05 Feb 2020 16:09:30 GMT
server: cloudflare
x-timer: S1611754621.402723,VS0,VE1
etag: "5e3ae8ba-1334"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 8154fb6c-5189-11eb-8b5e-ae7424a480af
expires: Sun, 09 Jan 2022 08:14:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619680b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 icon-overview.png
www.recordedfuture.com/wp-content/uploads/ 790 B
1 KB 77ms
71ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-overview.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

593f56bb9b00b639f6aadc57954f46080ce233d1bc01ef50f85720df619029f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-bnv7w
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 790
cf-request-id: 07e60dfdd200000b3fe786a000000001
x-served-by: cache-mdw17343-MDW, cache-bwi5076-BWI
last-modified: Tue, 17 Dec 2019 15:13:34 GMT
server: cloudflare
x-timer: S1611754621.398245,VS0,VE1
etag: "5df8f09e-316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: e839902f-54bf-11eb-99a7-12651cbb9a62
expires: Thu, 13 Jan 2022 10:21:17 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76196a0b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 icon-portal.png
www.recordedfuture.com/wp-content/uploads/ 521 B
809 B 77ms
71ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-portal.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

613c27d45e0551e5862b4bbbf3c6f5241f73bc472ff15e84492f9b4f6579c58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-tdrfr
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 521
cf-request-id: 07e60dfdd200000b3f9f1df000000001
x-served-by: cache-mdw17321-MDW, cache-bwi5054-BWI
last-modified: Tue, 17 Dec 2019 15:13:47 GMT
server: cloudflare
x-timer: S1611754621.416932,VS0,VE0
etag: "5df8f0ab-209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 00f0c73b-51a2-11eb-be52-4e7a1b5dcd75
expires: Sun, 09 Jan 2022 11:09:40 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76196c0b3f-AMS
x-cache-hits: 1, 2

GET
H2 200 menu-integrations-1-36x36.png
www.recordedfuture.com/wp-content/uploads/ 966 B
1 KB 77ms
72ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/menu-integrations-1-36x36.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec19e731a605af29732582f00be3657470562ad2c1059ce01e58feda8f8d141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-tdrfr
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 966
cf-request-id: 07e60dfdd300000b3fea180000000001
x-served-by: cache-mdw17359-MDW, cache-wdc5573-WDC
last-modified: Sun, 15 Dec 2019 22:09:35 GMT
server: cloudflare
x-timer: S1611754621.400038,VS0,VE1
etag: "5df6af1f-3c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: b166a0d1-51a1-11eb-be52-4e7a1b5dcd75
expires: Sun, 09 Jan 2022 11:07:27 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f76196f0b3f-AMS
x-cache-hits: 0, 1

GET
H2 200 icon-services.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
5 KB 76ms
71ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-services.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1026d9fb308f7ae9af4b10ee43618382be1a6313656b395da90681d6a10b1988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4639
cf-request-id: 07e60dfdd300000b3fd9ba4000000001
x-served-by: cache-mdw17324-MDW, cache-dca17742-DCA
last-modified: Mon, 16 Dec 2019 20:33:19 GMT
server: cloudflare
x-timer: S1611754621.369493,VS0,VE1
etag: "5df7ea0f-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: ab683d82-519a-11eb-abf7-1a504ac55431
expires: Sun, 09 Jan 2022 10:17:10 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619700b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 icon-license.png
www.recordedfuture.com/wp-content/uploads/ 872 B
1 KB 75ms
70ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-license.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db2af24bfef6358a1c62eb490dcef92470cfd816b84f7fac5c50ae79b1397f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-tdrfr
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 872
cf-request-id: 07e60dfdd300000b3f9b1c7000000001
x-served-by: cache-mdw17337-MDW, cache-dca17727-DCA
last-modified: Tue, 17 Dec 2019 15:13:28 GMT
server: cloudflare
x-timer: S1611754621.377839,VS0,VE1
etag: "5df8f098-368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 58df2032-566f-11eb-be52-4e7a1b5dcd75
expires: Sat, 15 Jan 2022 13:49:39 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619710b3f-AMS
x-cache-hits: 1, 1

GET
H2 200 exploit-kits-delivering-malware.jpg
www.recordedfuture.com/wp-content/uploads/ 388 KB
389 KB 666ms
662ms Image
image/jpeg 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/exploit-kits-delivering-malware.jpg

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45c2f8087bd6390d1a8b55d1e151b36dcd1371bdca1d02be42911d24ddccdf06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-cp5zk
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 397403
cf-request-id: 07e60dfdd300000b3f10092000000001
x-served-by: cache-mdw17325-MDW, cache-bwi5052-BWI
last-modified: Wed, 09 Dec 2020 22:29:27 GMT
server: cloudflare
x-timer: S1611761248.007729,VS0,VE3
etag: "5fd14fc7-6105b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-styx-req-id: b25c399c-5942-11eb-b49b-d6342341302a
expires: Wed, 19 Jan 2022 04:07:36 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f7619720b3f-AMS
x-cache-hits: 0, 1

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5e4b2256e6c1a6e0d31f393d0422ad333d5e71e69c0d907cd85863cbffcdf28

Request headers

Origin: https://www.recordedfuture.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 footer-icons.png
www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/ 1 KB
2 KB 23ms
23ms Image
image/png 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/footer-icons.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb54e94c545f03932d631cd985aff128d39396abed2de7cbb522b535493d0262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6626
x-pantheon-styx-hostname: styx-fe2-b-787ccf59d-ntpxh
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1293
cf-request-id: 07e60dfe7900000b3f0cb58000000001
x-served-by: cache-mdw17362-MDW, cache-bwi5024-BWI
last-modified: Mon, 11 Jan 2021 20:41:26 GMT
server: cloudflare
x-timer: S1611754621.397540,VS0,VE0
etag: "5ffcb7f6-50d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 83753718-54de-11eb-abf7-1a504ac55431
expires: Thu, 13 Jan 2022 14:00:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 61837f772be10b3f-AMS
x-cache-hits: 1, 2

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 92ms
23ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: CF826736A7F13AED
cdn-cachedat: 2020-12-22 19:52:52
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 7HfQjZ7KDwlfg1uPrxeGrWK5P5ihi8z4Ls0YUmeIhzY9hcF5dbxh1CgK5CJIvt5PVYZbJWSgrzM=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:07 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 2dfcf0bda6374fe9cc813fc76d98e91d
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 404 twitterfeed.js
www.recordedfuture.com/wp-content/themes/recorded-future-2019/framework-customizations/extensions/shortcodes/shortcodes/twitterfeed/static/js/ 0
0 30ms
30ms Script
text/html 104.20.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/framework-customizations/extensions/shortcodes/shortcodes/twitterfeed/static/js/twitterfeed.js?ver=4.5.4

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64
x-pantheon-styx-hostname: styx-fe2-b-74d5f6df88-t8j9v
x-cache: HIT, MISS
content-encoding: gzip
vary: Accept-Encoding, Cookie, Cookie
x-xss-protection: 1; mode=block
x-served-by: cache-mdw17344-MDW, cache-bwi5071-BWI
referrer-policy: strict-origin
server: cloudflare
x-timer: S1611761183.376742,VS0,VE20
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=UTF-8
x-styx-req-id: defd7982-60b3-11eb-a045-02addd005e92
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: public, max-age=60
cf-request-id: 07e60dfe9600000b3fc4a60000000001
cf-ray: 61837f775c360b3f-AMS
link: <https://www.recordedfuture.com/wp-json/>; rel="https://api.w.org/"
x-cache-hits: 1, 0

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 32ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 Jan 2021 15:27:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=65861
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 ecdebafc.min.js Show response
tag.demandbase.com/ 58 KB
16 KB 110ms
28ms Script
application/javascript 65.9.7.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/ecdebafc.min.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16c25ccdc13096c0fe269d07f04dcccf888e05875bc871a19e4dfeaf0bb128a1

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5E2egzqs8IMWJd3kDYohilb15T03WiIM
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 23:30:52 GMT
server: AmazonS3
age: 2002
etag: W/"1e51ce4f5b2c74ba17734b808338f270"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Wed, 27 Jan 2021 14:54:06 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: LHoKgHpk9FicKgV48vYm-hywfgQraF2cmuhK8-N10WNWcU6GoUzvrg==

GET
H2 200 194163687656043 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/194163687656043?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57bcda2a9d92a692f9c1edccd79a4796bbf0b332a3db8efb74cb0cb0942a838a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70593
x-fb-rlafr: 0
pragma: public
x-fb-debug: q8LtLEMql4C5NwQkNWOhfiKl+RpPDgtE6nkhBFKZQ2rsehx2pZSxoZ6EpalwSakoPWXhK93ZskulV1AfaU76Og==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 27 Jan 2021 15:27:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1290015534
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
378 B 72ms
23ms XHR
text/plain 104.108.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.67.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-67-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7df9f6033cb3c95840dc9a2c61de4d7c333a29fa6dd0758cb7f744b196be0157

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 Jan 2021 15:27:27 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.recordedfuture.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
712 B 67ms
29ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jan 2021 15:27:27 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid: 6acf3b5a-c810-4ed2-a72d-b76e69839ff3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.recordedfuture.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1611761100000/ 61 KB
19 KB 37ms
21ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1611761100000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5a00d86a6bf225bb3acdafa45e61eb222f5f7070bfef2c36ac7d8e169ec0767

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 92
x-amz-server-side-encryption: AES256
x-amz-request-id: 0F234B6FD94210B8
x-amz-id-2: X+5ncxN5zIwDzELmAAAXa2aFKcjZz1t0v4I5kIT9TthP5Z8nhACNYo/N0wjzXiEGI8pi4NhgzEE=
last-modified: Tue, 19 Jan 2021 20:10:47 GMT
server: cloudflare
etag: W/"8ce363eaef58b9a8901b876cb18af34a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 07e60dfec9000016ea92292000000001
cf-ray: 61837f77aec716ea-FRA
expires: Wed, 27 Jan 2021 15:30:55 GMT

GET
H2 200 252628.js Show response
js.hs-banner.com/ 55 KB
14 KB 41ms
25ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19df1a5475b48c52eda2833b5914f418d54481f8750243fc0ba0a1068e33f757

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=aSBTYg==, md5=8TdtSsTLujJsjNZIbEB1bQ==
date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 26
x-guploader-uploadid: ABg5-Uz3mdTYCNULSCIb76jFpGyh8vxB3PHhEpWH2-rpOQx14xBVCUnP-_KvhgtAazGOnDzagW7C8yv4768Cbiki_XLZ-JlK8g
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 07e60dfece00000610a1967000000001
timing-allow-origin: *
last-modified: Tue, 19 Jan 2021 20:10:48 GMT
server: cloudflare
etag: W/"f1376d4ac4cbba326c8cd6486c40756d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1611087048151773
access-control-allow-origin: https://therecord.media
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 56138
cf-ray: 61837f77ae5b0610-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 27 Jan 2021 15:32:01 GMT

GET
H2 200 materialdesignicons-webfont.woff2
cdn.materialdesignicons.com/3.5.95/fonts/ 184 KB
185 KB 104ms
35ms Font
font/woff2 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.materialdesignicons.com/3.5.95/fonts/materialdesignicons-webfont.woff2?v=3.5.95
Requested by: Host: cdn.materialdesignicons.com
URL: https://cdn.materialdesignicons.com/3.5.95/css/materialdesignicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-196.datapacket.com
Software: BunnyCDN-DE1-565 /
Resource Hash: 7201c12b0e82cd05a60c412f53f98f37cfec9616ef61f6e34d7d3a5293e440a5

Request headers

Origin: https://www.recordedfuture.com
Referer: https://cdn.materialdesignicons.com/3.5.95/css/materialdesignicons.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
cdn-edgestorageid: 565, 617
access-control-allow-origin: *
cdn-cachedat: 2021-01-03 22:00:57
cdn-pullzone: 190968
content-length: 188316
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Tue, 26 Feb 2019 05:52:58 GMT
server: BunnyCDN-DE1-565
content-type: font/woff2
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=7776000
cdn-requestid: eefc1d2ff0c02bb5e87884068b04bff3
accept-ranges: bytes
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 73ms
24ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 55728
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1611761248.017491,VS0,VE0
x-served-by: cache-fra19154-FRA

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3288
date: Wed, 27 Jan 2021 14:32:39 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 27 Jan 2021 16:32:39 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 31 B
215 B 412ms
107ms Script
application/javascript 23.21.252.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.252.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 31241a45c6a9dbc6a58e7529b551f11961accb16deacb7afa0cbf81ab97c635f

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 Jan 2021 15:27:28 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 31
Vary: Origin
Content-Type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9153858-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3668
date: Wed, 27 Jan 2021 14:26:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 27 Jan 2021 16:26:19 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 39ms
26ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1003136084&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9153858-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e20b0c0a2c1878b2a7a1806042a995bf0f84313444c19e223fc313a7100b3a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39642
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Jan 2021 15:27:27 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&ver=5.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.recordedfuture.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&ver=5.4.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 16:25:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 169347
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 25 Jan 2022 16:25:01 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 247ms
196ms Image
image/gif 104.108.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=&visitor=6cd15308-558b-450e-87f4-2a0849d158a8&session=5d34cd76-66f3-4b04-8b05-14f01681e8a4&event=click&q=%7B%22event_id%22%3A%22%22%2C%22event_value%22%3A%22%22%7D&isIframe=false&m=%7B%22description%22%3A%22Over%20the%20last%20two%20years%2C%20operators%20of%20exploit%20kits%20have%20modified%20their%20kits%20to%20include%20first-stage%20malware%20being%20used%20to%20deploy%20ransomware.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware%22%7D&cb=61248008&r=&thirdParty=%7B%7D&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.108.67.47 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-67-47.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 Jan 2021 15:27:28 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 19:02:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502962-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

23ms
23ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 54060
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1611761248.124769,VS0,VE0
x-served-by: cache-fra19154-FRA

Redirect headers

x-tw-cdn: VZ
Date: Wed, 27 Jan 2021 15:27:28 GMT
Server: ECS (amb/6BBE)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 287ms
238ms Image
image/gif 104.108.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=&visitor=6cd15308-558b-450e-87f4-2a0849d158a8&session=5d34cd76-66f3-4b04-8b05-14f01681e8a4&event=a_pageload&q=%7B%7D&isIframe=false&m=%7B%22description%22%3A%22Over%20the%20last%20two%20years%2C%20operators%20of%20exploit%20kits%20have%20modified%20their%20kits%20to%20include%20first-stage%20malware%20being%20used%20to%20deploy%20ransomware.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware%22%7D&cb=61248018&r=&thirdParty=%7B%7D&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.108.67.47 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-67-47.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 Jan 2021 15:27:28 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:51:25 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e5026ad-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1611761248022&url=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D26800%26time%3D1611761248022%26url%3Dhttps%253A%252F%252Fwww.recordedfuture.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1611761248022&url=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&liSync=true

0
57 B

114ms
113ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1611761248022&url=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&liSync=true
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: vM9P3FAgXhagI/VsRisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: Jycx2FAgXhagjrKeaisAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 3A2269A3CF964374B87E38132B5ECDB6 Ref B: FRAEDGE1416 Ref C: 2021-01-27T15:27:28Z
x-frame-options: sameorigin
date: Wed, 27 Jan 2021 15:27:27 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1611761248022&url=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 21ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=194163687656043&ev=PageView&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&rl=&if=false&ts=1611761248034&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611761248033.705320363&it=1611761247905&coo=false&rqm=GET

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 27 Jan 2021 15:27:28 GMT

GET
H2 200 error
connect.facebook.net//log/ 0
0 27ms
26ms Image
text/html 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.33&e=Error%3A%20Duplicate%20Pixel%20ID%3A%20194163687656043.&s=Error%3A%20Duplicate%20Pixel%20ID%3A%20194163687656043.%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A39985)%0A%20%20%20%20at%20Function.Y%20%5Bas%20init%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A7728)%0A%20%20%20%20at%20Function.X%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A3530)%0A%20%20%20%20at%20qa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A10435)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A10471%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A29520%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A65139)%0A%20%20%20%20at%20each%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A66675)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A29483)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A29891)&ue=1&rs=stable&rqm=FGET
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 206 notification.d46d7db1.mp3
js.driftqa.com/conductor/assets/media/ 20 KB
21 KB 320ms
113ms Media
audio/mpeg 54.197.143.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftqa.com/conductor/assets/media/notification.d46d7db1.mp3

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.143.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-143-221.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 27 Jan 2021 15:27:28 GMT
last-modified: Wed, 27 Jan 2021 14:53:20 GMT
server: nginx
access-control-allow-origin: *
etag: "d46d7db110874da77e094dcbc4bec8e6"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
Content-Range: bytes 0-20896/20897
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 20897

GET
H2 200 72.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 131 KB
43 KB 31ms
30ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: ACD98A2C1988597B
cdn-cachedat: 2020-12-22 23:03:24
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 7b4CAJzd92+SVKJpwoWNMLS1vqAgBcHT3wihXvlu8xhZgoaWCkd1wVF+H0YyynNX8hXdJPitxkA=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:44 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: c2923120e677d4978b67551c14ef642a
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 73.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 289 KB
99 KB 31ms
31ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: E0D7D7E410A9A5A7
cdn-cachedat: 2020-12-22 23:03:24
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: NwShDyOkTr1aby66liWIw24gl6gpTkaO25BrNZVs5/wvZGRVz1u04k3FNW1kIhHmQ5YyoderVZ4=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:45 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: fbf4e56b30ab7deb3eadfe87c4caf9de
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 44ms
28ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1623359160&utmhn=www.recordedfuture.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware&utmhid=587030371&utmr=-&utmp=%2Fexploit-kits-delivering-malware%2F&utmht=1611761248088&utmac=UA-XXXYYYZZZ-1&utmcc=__utma%3D93161374.1939048049.1611761248.1611761248.1611761248.1%3B%2B__utmz%3D93161374.1611761248.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=508590746&utmredir=1&utmu=qhAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 438 B
945 B 119ms
69ms XHR
application/json 143.204.94.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&page_title=Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware&src=tag&key=1ffddc5849b5c09c5dcfcdacfdce34a5
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/ecdebafc.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-67.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 61a2d2d9e72b541b52b029da2febf1203b443126b6cccbc4fa23a8718af52a3a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
request-id: eebd341d-d84b-4a27-8f77-ca1d24e0f14b
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.recordedfuture.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C_9--m6ymFveQbzzgUOufqznKse6BE_piH1eTKiL1QV11i2r1CJ4aQ==
expires: Tue, 26 Jan 2021 15:27:28 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAGbWU7AIw0AABAlMW22yA
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGbWU7AIw0AABAlMW22yA&verifyHash=cd83cd0c45dfc347cebfa50497c72197601da3e3

26 B
408 B

121ms
121ms

Image
image/gif

13.225.80.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGbWU7AIw0AABAlMW22yA&verifyHash=cd83cd0c45dfc347cebfa50497c72197601da3e3
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-54.fra2.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 Jan 2021 15:27:28 GMT
Via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: a86f121cc1398391
X-Amz-Cf-Id: QvtfDK3iphtcNdMh1tklv1f9FlNlv2pH_iz4cQIQCOj9uBSYaqTEQw==

Redirect headers

Date: Wed, 27 Jan 2021 15:27:28 GMT
Via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAGbWU7AIw0AABAlMW22yA&verifyHash=cd83cd0c45dfc347cebfa50497c72197601da3e3
Connection: keep-alive
trace-id: fd2671b4a95b04c5
Content-Length: 0
X-Amz-Cf-Id: 0hrp3YEQ26_olJOI2mJSvaG-kkRtUj5ql3T9vEgOkybY1we04e886A==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 58ms
22ms Image
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 87 KB
35 KB 48ms
33ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MV8X7B7&t=gtag_UA_9153858_2&cid=1939048049.1611761248

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17669012e2d124bbea502e3e35fd7751b2acb3674f4148f9ef5b25e1a79c9bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35089
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Jan 2021 15:27:28 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 105ms
50ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1003136084&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

34fcae3cf94e02d46c230a5b7dd3827d612587164e048dcfe146518da1cb4ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12189
x-xss-protection: 0
server: cafe
etag: 8926089356025331971
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Jan 2021 15:27:28 GMT

GET
H2 200 adsct
t.co/i/ 43 B
125 B 188ms
139ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv0r6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Wed, 27 Jan 2021 15:27:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3c09b0aebdc91a045aa07b707c255761
x-transaction: 00e3144f005889da
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
447 B 173ms
134ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv0r6&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Wed, 27 Jan 2021 15:27:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3c09b0aebdc91a045aa07b707c255761
x-transaction: 00bbd02a00574723
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
172 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=587030371&t=pageview&_s=1&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&ul=en-us&de=UTF-8&dt=Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=93161374.1939048049.1611761248.1611761248.1611761248.1&_utmz=93161374.1611761248.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1611761248190&_u=KSBCAUADQAAAAC~&jid=1543372441&gjid=2098742917&cid=1939048049.1611761248&tid=UA-9153858-2&_gid=1323827654.1611761248&_r=1&gtm=2ou1d0&z=978726078

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
451 B 40ms
13ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-9153858-2&cid=1939048049.1611761248&jid=1543372441&gjid=2098742917&_gid=1323827654.1611761248&_u=KSBCAUACQAAAAC~&z=318154088

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Jan 2021 15:27:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=587030371&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&ul=en-us&de=UTF-8&dt=Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_utma=93161374.1939048049.1611761248.1611761248.1611761248.1&_utmz=93161374.1611761248.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1611761248216&_u=aTBCAUADQAAAAC~&jid=&gjid=&cid=1939048049.1611761248&tid=UA-9153858-2&_gid=1323827654.1611761248&_slc=1&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Amsterdam&cd11=NH&cd12=Netherlands&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&z=1676990832

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=587030371&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&ul=en-us&de=UTF-8&dt=Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blog%20Tracking&ea=Post%20Type%20Blog%20Tracking&el=Blog%20Tracking%20%7C%7C%20https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&_utma=93161374.1939048049.1611761248.1611761248.1611761248.1&_utmz=93161374.1611761248.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1611761248232&_u=aTDCAUADQAAAAC~&jid=741671118&gjid=1438462083&cid=1939048049.1611761248&tid=UA-9153858-2&_gid=1323827654.1611761248&_r=1&gtm=2wg1d0539N74N&z=2041283607

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/ 2 KB
2 KB 50ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/?random=1611761248242&cv=9&fst=1611761248242&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&tiba=Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b29500b0d4632ac05a1999c97fc3f78a22a6a99f34f9d8778532400fdbfe2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
429 B 40ms
13ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-9153858-2&cid=1939048049.1611761248&jid=741671118&gjid=1438462083&_gid=1323827654.1611761248&_u=aTDCAUADQAAAAC~&z=1500159041

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Jan 2021 15:27:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 49ms
30ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-9153858-2&cid=1939048049.1611761248&jid=1543372441&_u=KSBCAUACQAAAAC~&z=191052233

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 48ms
29ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-9153858-2&cid=1939048049.1611761248&jid=1543372441&_u=KSBCAUACQAAAAC~&z=191052233

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-9153858-2&cid=1939048049.1611761248&jid=741671118&_u=aTDCAUADQAAAAC~&z=2091441376

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-9153858-2&cid=1939048049.1611761248&jid=741671118&_u=aTDCAUADQAAAAC~&z=2091441376

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1003136084/ 42 B
154 B 24ms
23ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003136084/?random=1611761248242&cv=9&fst=1611759600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&tiba=Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware&async=1&fmt=3&is_vtc=1&random=3142535133&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1003136084/ 42 B
154 B 21ms
20ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003136084/?random=1611761248242&cv=9&fst=1611759600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&tiba=Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware&async=1&fmt=3&is_vtc=1&random=3142535133&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 15:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=587030371&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&ul=en-us&de=UTF-8&dt=Exploit%20Kits%2C%20Though%20in%20Decline%2C%20Remain%20Powerful%20Tool%20for%20Delivering%20Malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=IP&ea=Sent&_utma=93161374.1939048049.1611761248.1611761248.1611761248.1&_utmz=93161374.1611761248.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1611761248382&_u=aTDCAUADQAAAAC~&jid=&gjid=&cid=1939048049.1611761248&tid=UA-9153858-2&_gid=1323827654.1611761248&gtm=2wg1d0539N74N&cd17=185.212.171.67&z=2010249599

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 06:46:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31243
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
89 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHkYtsjNS8OJO0kxC

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 27 Jan 2021 15:27:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 core
js.driftt.com/ Frame F9F7 0
0 41ms
41ms Document
text/html 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=76bfd8dd-79df-4221-859d-f63174282ab2&sessionStarted=1611761248&campaignRefreshToken=d92d5b38-cda4-4594-9042-79732cfc521d&pageLoadStartTime=1611761247537

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1611761400000/mp5rtwcnz2nd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-79.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=76bfd8dd-79df-4221-859d-f63174282ab2&sessionStarted=1611761248&campaignRefreshToken=d92d5b38-cda4-4594-9042-79732cfc521d&pageLoadStartTime=1611761247537
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.recordedfuture.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.recordedfuture.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Tue, 26 Jan 2021 22:46:22 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 8P2oyjatpvwYN2ZbvdABLOqfp9r.RPRo
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 27 Jan 2021 15:27:28 GMT
cache-control: no-cache
etag: W/"3733cdb087027fe5ed9e9531f2b7ec30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: NZFw6_2wPEWuwKnx1-pP5L_ZO24d7NgxZjibbZHjMG6mM_OBqcq1dg==

GET
H2 200 chat
js.driftt.com/core/ Frame EED2 0
0 35ms
35ms Document
text/html 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1611761400000/mp5rtwcnz2nd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-79.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.recordedfuture.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.recordedfuture.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Tue, 26 Jan 2021 22:46:22 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 8P2oyjatpvwYN2ZbvdABLOqfp9r.RPRo
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 27 Jan 2021 15:27:28 GMT
cache-control: no-cache
etag: W/"3733cdb087027fe5ed9e9531f2b7ec30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: bZdHAwXY_QezK0hY9xioLjS9y7mvJ-HL5T-EKReCsK4i_KB5PctiTA==

GET
H2 200 nr-1194.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 79ms
23ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1194.min.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: gzip
x-amz-request-id: 68D2702B1B1EE73B
x-cache: HIT
content-length: 10625
x-amz-id-2: 9oyQbEkprcwib4d82Y4NKXXqMpIfI9WwmhGg4zKHf7A66Ie1EiBa+52W3blMTdZkaSL1gYyz7m4=
x-served-by: cache-hhn4067-HHN
last-modified: Wed, 06 Jan 2021 22:25:50 GMT
server: AmazonS3
x-timer: S1611761249.842882,VS0,VE0
etag: "4f5c23cba20072ede6a543efb2f986c3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 27365

GET
H2 200 loader-v2.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 6 KB
3 KB 37ms
35ms Script
text/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/loader-v2.js?__hsfp=2978788718&__hssc=57501621.1.1611761248789&__hstc=57501621.06d14af4ff51bb153f0ab662870af7c6.1611761248788.1611761248788.1611761248788.1&canon=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&hsutk=06d14af4ff51bb153f0ab662870af7c6&pg=9210833d-34a7-4597-ade0-03e16dcbc24c&pid=252628&sv=cta-embed-js-static-1.13&lag=943&rdy=1&df=a

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8735e4e8367f3114cc5979b4dc8dc2a40d6ca15be9532be0461ac8364a0359fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: attachment; name="loaderJS" filename="loader-v2.js"
content-length: 2231
cf-request-id: 07e60e0217000005fdf7119000000001
x-robots-tag: noindex, follow
server: cloudflare
x-trace: 2B245816D59633B5554D08501C6B1EB8707E84C3E9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WOO0NQ8Iu6jXtQTYs5IJ6ueYf8jW0O4vBaM93C8DiMgb%2FcqByM7czFcLqfMLWno5x5iR5U7T2IQZooBuvSmr1j1kjv7gkFqPlqESS9p%2BPv2WHtiAZrczsR4kncQGDjSZTzQh6ybd5yv3"}]}
content-type: text/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 61837f7cf85c05fd-FRA

GET
H2 200 loader-v2.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 7 KB
3 KB 29ms
28ms Script
text/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/loader-v2.js?__hsfp=2978788718&__hssc=57501621.1.1611761248789&__hstc=57501621.06d14af4ff51bb153f0ab662870af7c6.1611761248788.1611761248788.1611761248788.1&canon=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&hsutk=06d14af4ff51bb153f0ab662870af7c6&pg=a7fb8b5c-b14d-4030-a76d-26dbc96ab43b&pid=252628&sv=cta-embed-js-static-1.13&lag=941&rdy=1&df=a

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b8da4e014ba69828d62e8463bc95432418d40d2350fe26a82d08081c6b1f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: attachment; name="loaderJS" filename="loader-v2.js"
content-length: 2497
cf-request-id: 07e60e0218000005fd82b8a000000001
x-robots-tag: noindex, follow
server: cloudflare
x-trace: 2B24B114B3D7B9B76DDC82C30CE42E5B449C0C3338000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ba%2FDo0mACHxB6vVLWGQefeQxWpDktFbOpuzTqwdoDXBq34dFj4V7yG6HBxnzWCpgic2PnsZtvatpAorqaAtINcHsWcjKqyGo0aOmts3H8HDagE9Vsy2xQWzwXVY7BVCZDrfxlrfnMZ4w"}]}
content-type: text/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 61837f7cf85e05fd-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
401 B 42ms
39ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=252628&rcu=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&pu=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&t=Exploit+Kits%2C+Though+in+Decline%2C+Remain+Powerful+Tool+for+Delivering+Malware&cts=1611761248793&vi=06d14af4ff51bb153f0ab662870af7c6&nc=true&u=57501621.06d14af4ff51bb153f0ab662870af7c6.1611761248788.1611761248788.1611761248788.1&b=57501621.1.1611761248789

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 61837f7d08b705fd-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
content-length: 45
cf-request-id: 07e60e0224000005fdb1bb8000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=liogeREtmwNyGtiTdnbyFx5ueTsMg%2B7G43WzYCWXJ%2FOCwhzykSz8m0Ur8mjNXLv2MMzlc9%2BLIp56Aju4CN9henQbCaB96%2BhuY3IRvP2rmwiBx86tYrrUi3TlO90h8w%3D%3D"}]}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
238 B 185ms
136ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv0r6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Wed, 27 Jan 2021 15:27:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f98b8030c73306965bfe9bdf06000f37
x-transaction: 00d1e2d700d068ba
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
652 B 185ms
135ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv0r6&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Wed, 27 Jan 2021 15:27:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f98b8030c73306965bfe9bdf06000f37
x-transaction: 00558f9800c8858e
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 964 B
1 KB 1106ms
428ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

025c46126acdda0157b9a69f0fbd5e7eacdfa4c44aab8af89d09977643083397

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 Jan 2021 15:27:29 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 964

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
373 B 30ms
29ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22a7fb8b5c-b14d-4030-a76d-26dbc96ab43b%22%2C%222e21fef8-db34-4568-83d3-81489939d16f%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=252628&rcu=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&pu=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&t=Exploit+Kits%2C+Though+in+Decline%2C+Remain+Powerful+Tool+for+Delivering+Malware&cts=1611761248835&vi=06d14af4ff51bb153f0ab662870af7c6&nc=true&u=57501621.06d14af4ff51bb153f0ab662870af7c6.1611761248788.1611761248788.1611761248788.1&b=57501621.1.1611761248789

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 61837f7d39aa05fd-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
content-length: 45
cf-request-id: 07e60e0242000005fd770a1000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9PdOhZvUVcIDimCLzmh4CnxYyIcFGONFO7fMooBs4wJw2zjeB4nHuWDgcMSAeyj745nbl9op0SIQ2E6pT04Yo3Zy3i0GGif96qOSd1KABFdKfOu3V7Qppg%2FkA0%2BVMA%3D%3D"}]}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
469 B 27ms
27ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%229210833d-34a7-4597-ade0-03e16dcbc24c%22%2C%22bfb042c4-2edc-4f3e-b748-d104f601ac33%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=252628&rcu=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&pu=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&t=Exploit+Kits%2C+Though+in+Decline%2C+Remain+Powerful+Tool+for+Delivering+Malware&cts=1611761248837&vi=06d14af4ff51bb153f0ab662870af7c6&nc=true&u=57501621.06d14af4ff51bb153f0ab662870af7c6.1611761248788.1611761248788.1611761248788.1&b=57501621.1.1611761248789

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 61837f7d39c405fd-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
content-length: 45
cf-request-id: 07e60e0248000005fde88d5000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jiu1RIlNRZbJyFUGjo4Q32iGDbFkOkkNnnPj0sGiKeW%2F6U2vPZbo9A0KFaAl629Gw7ShSYfiGCoNuw4juqZ9Vg7lY45CL1DeWTdLhF4ctvvDWyAN8PRC5FSAs11wrg%3D%3D"}]}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
372 B 33ms
33ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=252628&pg=a7fb8b5c-b14d-4030-a76d-26dbc96ab43b&lt=1611761247851&dt=1611761248792&at=1611761248845&ae=1&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-trace: 2BF0E5621C34FAEAE57813FEDFF5436788E049E493000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IZN3P5hxg%2Fdbu5equS4bOXIPBtU%2Fw3Dbsajd62sU%2BgASoX6ynVwFviKs9Lufs%2FV%2BxMcR%2FJip3hTwGeojumxo%2Bugzn2PgDryi6E4U6UJk8Fn45%2Fvu4uJ5yL9n%2BQEV%2Fehxdc6MnmhFgfjJ"}]}
cache-control: no-cache, no-store, no-transform, max-age=0
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 61837f7d4a0d05fd-FRA
cf-request-id: 07e60e0251000005fdc697d000000001
x-robots-tag: noindex, follow

GET
H2 206 Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
go.recordedfuture.com/hubfs/video/ 302 KB
0 153ms
104ms Media
video/mp4 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/hubfs/video/Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
age: 672265
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
cf-ray: 61837f7daa329c09-AMS
edge-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: BQ2R5G0NEQ8G0XAP
cf-request-id: 07e60e028600009c090e9c7000000001
Content-Range: bytes 0-4269036/4269037
last-modified: Tue, 12 Jan 2021 21:06:09 GMT
server: cloudflare
etag: "00a848b44bdd5610587cef8a45019e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1610485568833
content-type: video/mp4
x-amz-id-2: SnbTxVOOYXk76j98Lt5qrRPCVkamOOldYQVNRe+zaxi8pXh92eMKXFCGlfIDwlwwS4xTI+DsnbI=
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 79LGqSd8FimGTolASEfBxka7OKPTvU04
x-amz-cf-pop: AMS54-C1
Content-Length: 4269037
x-robots-tag: all
x-amz-cf-id: _MGfK2c4p_KOu-Op_wKBpbXMEz3bLKcOlZqP6WzAV6s0ngWpUFzneA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
472 B 30ms
30ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=252628&pg=9210833d-34a7-4597-ade0-03e16dcbc24c&lt=1611761247848&dt=1611761248791&at=1611761248849&ae=1&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-trace: 2B792B051C2DBE476623F63DC6192F542A7DE9FF6B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hlkdQQ9Zu7z9ZIi0mS676HLmz%2BbGq9Vobw8ZUAExq%2Bq0Z4nTCWDKefHMHn84KP2od%2BDB8zeWmNPRKpiD8jDxjwNspzB7gtctkWyKWNRZJ0KVpsxRWD0es%2Be4ecdW1FPAPtqbsGRLuKuN"}]}
cache-control: no-cache, no-store, no-transform, max-age=0
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 61837f7d4a1105fd-FRA
cf-request-id: 07e60e0252000005fdd101d000000001
x-robots-tag: noindex, follow

GET
H2 206 Be%20In%20The%20Know%20-%201000x150.mp4
go.recordedfuture.com/hubfs/video/ 339 KB
0 101ms
53ms Media
video/mp4 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/hubfs/video/Be%20In%20The%20Know%20-%201000x150.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 27 Jan 2021 15:27:28 GMT
via: 1.1 2e0227ef3f0af98f7b4e1f8452f59f84.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-40645593741,FD-40644989410,P-252628,FLS-ALL
age: 672265
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
cf-ray: 61837f7daa339c09-AMS
edge-cache-tag: F-40645593741,FD-40644989410,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 8D494E7296990CA5
cf-request-id: 07e60e028600009c0910a9b000000001
Content-Range: bytes 0-4182721/4182722
last-modified: Tue, 12 Jan 2021 21:56:20 GMT
server: cloudflare
etag: "7e96f071cd2d83e5b7ed23b469d79a6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1610488579540
content-type: video/mp4
x-amz-id-2: 7ECKbsHlQSWX5zl4q+sXLi0r9phG0AvyxlahXDCsauObU8BVoglgNoWzHT7Tmi8gGk3Ju4W0T0A=
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: csscr0TOmaPgfBrU9ZjgdZG283D4s.x.
x-amz-cf-pop: AMS54-C1
Content-Length: 4182722
x-robots-tag: all
x-amz-cf-id: mba0zHmNzxQy9QcIczEnPr9o00-wTHJCodTtpVwO2Oe1Xm3aPi2IoQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H/1.1 200
OK da2b64f2d4 Show response
bam.nr-data.net/1/ 57 B
275 B 699ms
338ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/da2b64f2d4?a=155511080&v=1194.94d5a62&to=ZVxUY0UAD0AEAENQClwWd1RDCA5dShBeVwJeXA%3D%3D&rst=2972&ck=1&ref=https://www.recordedfuture.com/exploit-kits-delivering-malware/&ap=357&be=1629&fe=2886&dc=2095&perf=%7B%22timing%22:%7B%22of%22:1611761245894,%22n%22:0,%22r%22:0,%22re%22:722,%22f%22:722,%22dn%22:722,%22dne%22:722,%22c%22:722,%22ce%22:722,%22rq%22:723,%22rp%22:1538,%22rpe%22:1643,%22dl%22:1541,%22di%22:2002,%22ds%22:2094,%22de%22:2122,%22dc%22:2879,%22l%22:2885,%22le%22:2909%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1935&fcp=2328&at=SRtXFQ0aHE4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1194.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 206 Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
go.recordedfuture.com/hubfs/video/ 290 KB
0 290ms
289ms Media
video/mp4 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/hubfs/video/Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=294912-

Response headers

date: Wed, 27 Jan 2021 15:27:29 GMT
via: 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
age: 672266
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
cf-ray: 61837f802c1c9c09-AMS
edge-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: BQ2R5G0NEQ8G0XAP
cf-request-id: 07e60e041e00009c091c38f000000001
Content-Range: bytes 294912-4269036/4269037
last-modified: Tue, 12 Jan 2021 21:06:09 GMT
server: cloudflare
etag: "00a848b44bdd5610587cef8a45019e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1610485568833
content-type: video/mp4
x-amz-id-2: SnbTxVOOYXk76j98Lt5qrRPCVkamOOldYQVNRe+zaxi8pXh92eMKXFCGlfIDwlwwS4xTI+DsnbI=
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 79LGqSd8FimGTolASEfBxka7OKPTvU04
x-amz-cf-pop: AMS54-C1
Content-Length: 3974125
x-robots-tag: all
x-amz-cf-id: _MGfK2c4p_KOu-Op_wKBpbXMEz3bLKcOlZqP6WzAV6s0ngWpUFzneA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 206 Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
go.recordedfuture.com/hubfs/video/ 606 KB
0 74ms
73ms Media
video/mp4 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/hubfs/video/Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=589824-

Response headers

date: Wed, 27 Jan 2021 15:27:29 GMT
via: 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
age: 672266
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
cf-ray: 61837f80ac759c09-AMS
edge-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: BQ2R5G0NEQ8G0XAP
cf-request-id: 07e60e046b00009c09128fa000000001
Content-Range: bytes 589824-4269036/4269037
last-modified: Tue, 12 Jan 2021 21:06:09 GMT
server: cloudflare
etag: "00a848b44bdd5610587cef8a45019e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1610485568833
content-type: video/mp4
x-amz-id-2: SnbTxVOOYXk76j98Lt5qrRPCVkamOOldYQVNRe+zaxi8pXh92eMKXFCGlfIDwlwwS4xTI+DsnbI=
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 79LGqSd8FimGTolASEfBxka7OKPTvU04
x-amz-cf-pop: AMS54-C1
Content-Length: 3679213
x-robots-tag: all
x-amz-cf-id: _MGfK2c4p_KOu-Op_wKBpbXMEz3bLKcOlZqP6WzAV6s0ngWpUFzneA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

POST
H2 200 services Show response
sumo.com/ 83 KB
10 KB 216ms
216ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

24131969a1406fd00e47b4c1654440ee1bb1ce2196057454f044d2d3f9e40aae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: SRyo59eHkt89UsqHicRJsuDp
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 198ms
198ms Other 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Wed, 27 Jan 2021 15:27:30 GMT
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 7.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 97 KB
33 KB 25ms
23ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: F859691E9ED263A9
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: K3hEOy6Cd9jfQtS2pZFV+4mBPBd8UQ1UUOc4yiJappI92uerYl6g1C/IZPo6sjP+kNbvd1ef5gs=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:42 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 89fd1fd89c69ba6d121cb41bef34eaea
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 4.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 41ms
39ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: A167BF33C4CF7698
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 5Qkpj+Nhoh2vhF03qLt+77b+0wbiJuuuWExP2cfeuOPdm6UOoxKYF426P62xpROkteITMmulIYE=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:19 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 48879631a1d4b28ae946a124f3ede247
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 2.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 3 KB
2 KB 32ms
30ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 5F004457B2949818
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: tuWHJga/a8FAL3lDFr6lqMuy3SgWIqbsven3JinQAoLO65QlBhXRQz1PZIl4N2dyzWUlzF0dLG4=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:03 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 460fd4548369f803add20fab6f0a74e3
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 10.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 11 KB
5 KB 33ms
31ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 54F9DA9DBF1BD656
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: byRUIINRoXZMfoA8QTKRiZGHyeVN3xmDMkPGDY4HrQlo7OKnIwaIIL1NfqyUTbVmCLVizyxODDc=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:49 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 49a6eaaab3aaa2157b64c571dba49497
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 22.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 92 KB
24 KB 39ms
38ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 061B55E118875C52
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: /tl2HYu879eYW2AQI7viC+K8iaXjjGh58pxFFzzH/g/Q/U7OA9rK3B0n59zaf6IjDPJRlDA1Gno=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:05 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 013cc1d97bfd43c0744fef23d88d09de
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 23.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 329 KB
93 KB 33ms
31ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 09C8D4CB2C7D67A8
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: OqMt0W3a74yhLBacIBaicxZcshfHGGQWL9K1zLs5ICBeW606s0N8u+11XBGQtA/yeUyASlmrwao=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:05 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 7d533251bd6853ddaa87c3b38502b714
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 21.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 179 KB
50 KB 23ms
23ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 307ADBB7294B2DFE
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: bMWCX5Q9MOJK17BPX1aY1wYhEC5qF5oxQvZAnknr5F9ZXzdeKvste1bQcME22lNFiC5fxJxDWY4=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:04 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e4f95c5635f42800f65606aef8e6c07f
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 64.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
1 KB 23ms
22ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 10FCD35043852836
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: /oyWHWckBd3/HqvDzeIIp+TdJI+YMAwlB//tifC3xbYs1Vuj24SDuEKBDERKSUwqzvSsmuMLcvE=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:39 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: d5228f7f31e498949cb88390bcf053d4
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 0.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 25ms
23ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 6A8B733FA9B1B493
cdn-cachedat: 2020-12-22 23:03:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Hqsu7TN6fMrKPsD1E9zf16KHsG/w3o/R72vgND8BTVgIdBhIwbO7/LzDO5s/ULgvLyj48W+Mqc4=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:48 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 7de7a58559d8c7decbf267712ac46e07
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 1.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
2 KB 24ms
23ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/1.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: A6B81DA68A588696
cdn-cachedat: 2020-12-23 09:44:06
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: K7HQ+cH+l5ehF0xjoKFEAaNZkzoKLUN+5sFrF3amdeJ1AHr0EGErtIvOD3+skWnUw1KbgZ2HNEI=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:49 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 1f157fa280d130375911e7a1c097ece9
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 3.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
2 KB 25ms
24ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/3.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 25661F930117147D
cdn-cachedat: 2020-12-23 09:44:06
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: dohOlXjTzyAZCekFsYDC5JgPoKuuG2cwC0lu715IbdYT33kzFxINoprA4tTj9edIzPXdH6QiI/U=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:11 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 056f30008d311bf447471de543e0529f
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 11.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 438 KB
128 KB 25ms
24ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: A72818638DD6FBEE
cdn-cachedat: 2020-12-23 09:44:06
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: b31DEDUzXTR1K7UAcb4r7jkpr0XyZeCLUvFL8R8fP1I2KDQ7i+brRAjjxpuknEhv4RlkHxQjwHM=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:55 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: f106850380c597622bc770ed5cb17500
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 15.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 711 KB
52 KB 31ms
30ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: AE5E7C512FD3407D
cdn-cachedat: 2020-12-23 09:44:06
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 7iN5zZ3cRNjaeStCRnsn3uPWcQmlNvnJOjB+5fBY8dcwWCXFvCVrci4mVPdGuSgaQ3/kpTzdAr8=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:59 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 6cd7267bf215537617fd4bd17be8e774
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 96.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 MB
77 KB 33ms
32ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 9C4B81F5FC377875
cdn-cachedat: 2020-12-22 23:03:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 5ILfVuMPlNuenXZVTGQ1husa7vQ1S6lKZQ8WK7uP+E3WniEXMdhcmDJdPnbtLUvsBVMAAEzqAwg=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:03 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 61b866eb841bd3b15d282991331482a1
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 97.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 221 B
877 B 33ms
31ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 54FD9AD96143FD9B
cdn-cachedat: 2020-12-22 23:03:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: QicD+MLio5kuU2UPUl0g1uaf/PZM85gnKfBZWfCRELLys/OX2LFf0YRy8zCBPdBCqY7id8qG2Rg=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:04 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 48674fa964134e9563f13fd9c982f5b1
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:06:12 GMT
server: ESF
date: Wed, 27 Jan 2021 15:27:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Jan 2021 15:27:30 GMT

OPTIONS
H2 200 rpc
clients6.google.com/ Frame 0
0 35ms
15ms Other
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Protocol

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
access-control-max-age: 3600
access-control-allow-headers: content-type
content-type: text/plain; charset=UTF-8
vary: Origin X-Origin
date: Wed, 27 Jan 2021 15:27:30 GMT
expires: Wed, 27 Jan 2021 15:27:30 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 0
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
graph.facebook.com/ 251 B
634 B 40ms
27ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.recfut.com%2Fexploit-kits-delivering-malware%2F&callback=jQuery110200778350297692727_1611761248168&_=1611761248169

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fdc75d9b87e9b08d1e74e5b8394bce92d3afff32c6b34b337f3120860e548ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003227938
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 191
pragma: no-cache
x-fb-debug: K0fFoCd7uIE13633e6Lbs0aBfM10WmYFdjXCHW3ZJ5tVAL406MvL7W1lbucAr7Re2PyCVidFPTzKBtx+1voMgA==
x-fb-trace-id: DKhZ4oIecBu
date: Wed, 27 Jan 2021 15:27:30 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: ArMeQARtkOJakbP6pXdu_yt
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 420 B
618 B 37ms
23ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fwww.recfut.com%2Fexploit-kits-delivering-malware%2F&format=json&callback=jQuery110200778350297692727_1611761248170&_=1611761248171

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3efda3e9de70e536aaa4491c806a108e13e381be23f673888fb74573e5aa3e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: tmv/RX1OSDj/HDFbRTF2wDY7QaGLIxrVhYc/VPUDbtbGVcAFHA/sqjxedcy89gJ8IEbh2wgfa+fQd1r1blgGEA==
content-encoding: br
vary: Accept-Encoding
x-fb-trace-id: BIp4ET/wKQp
date: Wed, 27 Jan 2021 15:27:30 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: AxI1mGhfAHVbE1SqksigmWY
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1003227938
facebook-api-version: v3.2
content-length: 256
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST rpc
clients6.google.com/ 0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ 21 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 14:28:14 GMT
server: ESF
date: Wed, 27 Jan 2021 15:27:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Jan 2021 15:27:30 GMT

OPTIONS
H2 204 features
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ Frame 0
0 190ms
189ms Other 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Wed, 27 Jan 2021 15:27:30 GMT
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

OPTIONS
H2 204 features
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ Frame 0
0 190ms
189ms Other 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Wed, 27 Jan 2021 15:27:30 GMT
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 features Show response
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ 3 KB
1 KB 195ms
194ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

48ed0b05d91e59d7ac7cbc6543cd30b2b3e2aa7bac9b06f3b0f261c9db69a266

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Sumo-Auth: undefined

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
etag: "-1529360806"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H2 200 features Show response
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ 3 KB
1 KB 194ms
193ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

48ed0b05d91e59d7ac7cbc6543cd30b2b3e2aa7bac9b06f3b0f261c9db69a266

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Sumo-Auth: undefined

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
etag: "-1529360806"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H2 200 features Show response
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ 3 KB
1 KB 201ms
200ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

48ed0b05d91e59d7ac7cbc6543cd30b2b3e2aa7bac9b06f3b0f261c9db69a266

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Sumo-Auth: undefined

Response headers

date: Wed, 27 Jan 2021 15:27:30 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
etag: "-1529360806"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ Frame 0
0 190ms
190ms Other 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Wed, 27 Jan 2021 15:27:30 GMT
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 /
sumo.com/api/event/ 2 B
151 B 555ms
182ms Image
text/plain 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumo.com/api/event/?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c&app_id=156085c5-0017-4150-b225-a731ad248f38&shortcut_id=&visitor_id=c7728320e77092670bc2005722bcbb9ccdd839c9b3054eb81d1d40c7511f1ffe&event=popup&href=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&ref=&cache=0.9306001625458891

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:31 GMT
vary: Accept-Encoding
server: nginx/1.14.1
etag: "-684271315"
x-frame-options: SAMEORIGIN
content-type: text/plain
x-robots-tag: noindex, nofollow
content-length: 2

GET
H2 200 /
sumo.com/api/event/ 2 B
150 B 556ms
183ms Image
text/plain 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumo.com/api/event/?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c&app_id=156085c5-0017-4150-b225-a731ad248f38.6d5fa3dda5baf5bbc1954aef22323df7598fd7f5cece3b8aaf20ed0fb8da65cd&shortcut_id=&visitor_id=c7728320e77092670bc2005722bcbb9ccdd839c9b3054eb81d1d40c7511f1ffe&event=popup&href=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&ref=&cache=0.014846286905177086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:31 GMT
vary: Accept-Encoding
server: nginx/1.14.1
etag: "-684271315"
x-frame-options: SAMEORIGIN
content-type: text/plain
x-robots-tag: noindex, nofollow
content-length: 2

GET
H2 200 /
sumo.com/api/event/ 2 B
150 B 555ms
183ms Image
text/plain 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumo.com/api/event/?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c&app_id=156085c5-0017-4150-b225-a731ad248f38.22209524b0515a91def4fb7a305b566298f654b2c285faef86db943f543f98d6&shortcut_id=&visitor_id=c7728320e77092670bc2005722bcbb9ccdd839c9b3054eb81d1d40c7511f1ffe&event=popup&href=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&ref=&cache=0.0632934559920506

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:31 GMT
vary: Accept-Encoding
server: nginx/1.14.1
etag: "-684271315"
x-frame-options: SAMEORIGIN
content-type: text/plain
x-robots-tag: noindex, nofollow
content-length: 2

GET
H2 200 /
sumo.com/api/event/ 2 B
150 B 556ms
183ms Image
text/plain 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumo.com/api/event/?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c&app_id=156085c5-0017-4150-b225-a731ad248f38.6d5fa3dda5baf5bbc1954aef22323df7598fd7f5cece3b8aaf20ed0fb8da65cd.22209524b0515a91def4fb7a305b566298f654b2c285faef86db943f543f98d6&shortcut_id=&visitor_id=c7728320e77092670bc2005722bcbb9ccdd839c9b3054eb81d1d40c7511f1ffe&event=popup&href=https%3A%2F%2Fwww.recordedfuture.com%2Fexploit-kits-delivering-malware%2F&ref=&cache=0.5628870147745342

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:31 GMT
vary: Accept-Encoding
server: nginx/1.14.1
etag: "-684271315"
x-frame-options: SAMEORIGIN
content-type: text/plain
x-robots-tag: noindex, nofollow
content-length: 2

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
media.sumo.com/ 586 B
1 KB 83ms
25ms Image
image/svg+xml 185.59.220.197
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sumo.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.197 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: BunnyCDN-DE1-487 /
Resource Hash: d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:31 GMT
content-encoding: br
cdn-edgestorageid: 487
x-amz-request-id: 97BCA3BEC88AB3BD
cdn-cachedat: 2020-12-08 17:27:11
cdn-pullzone: 50990
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 35T7au+9KTOaZDx6d+liaA15TFwA4ET2eGpuPOXeTu9zSmcBMNVd0lO5XWKRHJxg8wXIB8YXH1o=
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2016 16:48:17 GMT
server: BunnyCDN-DE1-487
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: e443163fab14d19dafcec75061a1680a
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88 Show response
media.sumo.com/ 586 B
1 KB 82ms
22ms XHR
image/svg+xml 185.59.220.197
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sumo.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.197 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: BunnyCDN-DE1-487 /
Resource Hash: d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:31 GMT
content-encoding: br
cdn-edgestorageid: 487
x-amz-request-id: 97BCA3BEC88AB3BD
cdn-cachedat: 2020-12-08 17:27:11
cdn-pullzone: 50990
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 35T7au+9KTOaZDx6d+liaA15TFwA4ET2eGpuPOXeTu9zSmcBMNVd0lO5XWKRHJxg8wXIB8YXH1o=
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2016 16:48:17 GMT
server: BunnyCDN-DE1-487
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: b2d55bc57946a98ffe25689538a6b52f
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
media.sumo.com/ 586 B
1 KB 79ms
25ms Image
image/svg+xml 185.59.220.197
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sumo.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.197 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: BunnyCDN-DE1-487 /
Resource Hash: d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:27:31 GMT
content-encoding: br
cdn-edgestorageid: 487
x-amz-request-id: 97BCA3BEC88AB3BD
cdn-cachedat: 2020-12-08 17:27:11
cdn-pullzone: 50990
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 35T7au+9KTOaZDx6d+liaA15TFwA4ET2eGpuPOXeTu9zSmcBMNVd0lO5XWKRHJxg8wXIB8YXH1o=
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2016 16:48:17 GMT
server: BunnyCDN-DE1-487
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: 85ac8ebbcb670eee7fb24347ae8bdf29
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

POST
H/1.1 200
OK da2b64f2d4 Show response
bam.nr-data.net/events/1/ 24 B
189 B 119ms
118ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/da2b64f2d4?a=155511080&v=1194.94d5a62&to=ZVxUY0UAD0AEAENQClwWd1RDCA5dShBeVwJeXA%3D%3D&rst=12973&ck=1&ref=https://www.recordedfuture.com/exploit-kits-delivering-malware/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1194.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.recordedfuture.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: clients6.google.com
URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.recordedfuture.com/	1970-01-19 15:42:43	Name: __hssc Value: 57501621.1.1611761248789
www.recordedfuture.com/	1970-01-19 18:35:29	Name: nabParticipation Value: true%2C100
.recordedfuture.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.recordedfuture.com/	1970-01-20 01:04:17	Name: hubspotutk Value: 06d14af4ff51bb153f0ab662870af7c6
.recordedfuture.com/	1970-01-20 01:04:17	Name: __hstc Value: 57501621.06d14af4ff51bb153f0ab662870af7c6.1611761248788.1611761248788.1611761248788.1
.recordedfuture.com/	1970-01-19 15:42:41	Name: _gat_gtag_UA_9153858_2 Value: 1
www.recordedfuture.com/	1970-01-19 18:35:29	Name: nabExperimentsWithPageViews Value: %7B%7D
.recordedfuture.com/	1970-01-19 15:42:41	Name: _gat_UA-9153858-2 Value: 1
.recordedfuture.com/	1970-01-19 15:42:43	Name: __utmb Value: 93161374.1.10.1611761248
.recordedfuture.com/	1970-01-19 15:42:41	Name: __utmt_sfga Value: 1
.recordedfuture.com/	1970-01-19 20:05:29	Name: __utmz Value: 93161374.1611761248.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.recordedfuture.com/	1970-01-20 09:13:53	Name: _gd_svisitor Value: 56b3f7488d7a00005f861160fd02000032710000
.recordedfuture.com/	1970-01-19 17:52:17	Name: _fbp Value: fb.1.1611761248033.705320363
.recordedfuture.com/	1970-01-20 09:13:53	Name: _ga Value: GA1.2.1939048049.1611761248
www.recordedfuture.com/	1970-01-19 15:42:55	Name: _gd_session Value: 5d34cd76-66f3-4b04-8b05-14f01681e8a4
www.recordedfuture.com/	1970-01-20 09:13:53	Name: _gd_visitor Value: 6cd15308-558b-450e-87f4-2a0849d158a8
www.recordedfuture.com/	1970-01-19 15:52:46	Name: _an_uid Value: 0
www.recordedfuture.com/	1970-01-19 15:42:43	Name: drift_campaign_refresh Value: d92d5b38-cda4-4594-9042-79732cfc521d
.recordedfuture.com/	1970-01-19 16:25:53	Name: __cfduid Value: dd2cac7ba2ae784b43e6f3e59be17f7561611761245
www.recordedfuture.com/exploit-kits-delivering-malware	1970-01-19 16:25:53	Name: __smVID Value: c7728320e77092670bc2005722bcbb9ccdd839c9b3054eb81d1d40c7511f1ffe
www.recordedfuture.com/	1970-01-19 18:35:29	Name: nabAlternative Value: 23
.recordedfuture.com/	1969-12-31 23:59:59	Name: __utmc Value: 93161374
.recordedfuture.com/	1970-01-19 15:44:07	Name: _gid Value: GA1.2.1323827654.1611761248
.recordedfuture.com/	1970-01-20 09:13:53	Name: __utma Value: 93161374.1939048049.1611761248.1611761248.1611761248.1

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.recordedfuture.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 194163687656043.
console-api	log	URL: https://www.recordedfuture.com/exploit-kits-delivering-malware/(Line 886) Message: Tracking twitter
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumotoken
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: install sumo badge...
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumopath
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR services/index/#services/index
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR 156085c5-0017-4150-b225-a731ad248f38/service/#156085c5-0017-4150-b225-a731ad248f38/service
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering share...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering for desktop...
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: style buffer update...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: buffer
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebook
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebooklike
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: googleplus
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: pinterest
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: reddit
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: yummly
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.company-target.com
api.facebook.com
api.ipify.org
b.6sc.co
bam.nr-data.net
c.6sc.co
cdn.materialdesignicons.com
cdnjs.cloudflare.com
clients6.google.com
connect.facebook.net
cta-service-cms2.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
go.recordedfuture.com
googleads.g.doubleclick.net
graph.facebook.com
id.rlcdn.com
j.6sc.co
js-agent.newrelic.com
js.driftqa.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscta.net
kenwheeler.github.io
load.sumo.com
match.prod.bidr.io
media.sumo.com
no-cache.hubspot.com
platform.twitter.com
px.ads.linkedin.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
ssl.google-analytics.com
static.ads-twitter.com
stats.g.doubleclick.net
sumo.com
t.co
tag.demandbase.com
track.hubspot.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.recordedfuture.com
clients6.google.com
104.108.67.47
104.20.0.126
104.244.42.197
104.244.42.67
13.224.194.79
13.225.80.54
142.250.186.66
143.204.94.67
151.101.114.110
151.101.12.157
162.247.242.20
185.199.110.153
185.33.221.53
185.59.220.196
185.59.220.197
199.60.103.254
23.21.252.4
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:125e
2606:4700::6810:7eaf
2606:4700::6811:46b0
2606:4700::6811:d4cc
2606:4700::6811:ddcc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:802::200e
2a00:1450:4001:809::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9a
2a02:26f0:10c:58e::25ea
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
34.120.207.148
52.38.14.212
54.197.143.221
54.228.192.197
65.9.7.129
89.187.169.26
00a9c0d47d9b0646d0d2fcb16f4c9456ecd0771e08e775e174e8c86ad1cb629a
025c46126acdda0157b9a69f0fbd5e7eacdfa4c44aab8af89d09977643083397
04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd
0857d4f4f1bcb1b6ab880dd88a7c90775ad99bcd6a3cbdda5f0c47910d784d4c
0940efb55fa2f1deb76f9261931ac680e0fc2429e1073e2bafaadc7a32bab6d5
0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1026d9fb308f7ae9af4b10ee43618382be1a6313656b395da90681d6a10b1988
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12792810e14458db7277846f29ccaa68bfd813bc1532acd6ea4ccfd0ab2fc539
13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
16b29500b0d4632ac05a1999c97fc3f78a22a6a99f34f9d8778532400fdbfe2f
16c25ccdc13096c0fe269d07f04dcccf888e05875bc871a19e4dfeaf0bb128a1
17669012e2d124bbea502e3e35fd7751b2acb3674f4148f9ef5b25e1a79c9bc5
17e4bd740eb53089e4a6e949ee7d889cb020e9757a40177a122b25505e6c5e2a
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
19df1a5475b48c52eda2833b5914f418d54481f8750243fc0ba0a1068e33f757
1cc82f513588a417cfb181cd5b2329432cc3b2bb9d1f056e432838a036851aed
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
1f7e6a6c895c100151dfb452658d754fba7965e3ca95359990486db344d531e7
201c69ecbe44d71302ad988e497e3537252acc7e3d102b195edf2773e2c7c7f0
2198a2af7310236e35e29997323f246c9189ab48c2886713d2cadc4178247728
24131969a1406fd00e47b4c1654440ee1bb1ce2196057454f044d2d3f9e40aae
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
268ebac37d419d809ed9f19112da4f3a60c24710e849fa5c13499813e2bf2a9d
271bc594ffc1d972db7f089f567b29b1174183bcd46c672eb7775226a404a027
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
31241a45c6a9dbc6a58e7529b551f11961accb16deacb7afa0cbf81ab97c635f
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
34fcae3cf94e02d46c230a5b7dd3827d612587164e048dcfe146518da1cb4ab0
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
3b44433b6d777aed38ed9359c5453bba1fb62c181f99f060b94cc58e457457d9
3b47f5c4a5a1d3ed16ae84c3563754421939efc12de5d414e7f1fdabdc6429fb
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3deea8f0b9998aed490ae3243ef52212af53465e0b302936d7288ab407a1902b
3ec19e731a605af29732582f00be3657470562ad2c1059ce01e58feda8f8d141
3efda3e9de70e536aaa4491c806a108e13e381be23f673888fb74573e5aa3e93
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
40bcd63ab74f4ab4d6976033797595ea693379a4186ba951e8059d8f2b63c7a8
42dba42246ff1f5d2b17408a00d7c3dd5b0a959571256bfa4306534103d8b0e4
45c2f8087bd6390d1a8b55d1e151b36dcd1371bdca1d02be42911d24ddccdf06
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
48ed0b05d91e59d7ac7cbc6543cd30b2b3e2aa7bac9b06f3b0f261c9db69a266
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d7638189c7137743ac6c7644ab820c6c669fcb52a79cf8f27857ddd7bcc80f8
5036d77bc45902a3567f499ebf981076387d71995d6fab43c9be0cd0b962b230
5238692ecf23970cbc3bad3899f5ad4913886cd16f0883d22fda406b3324a253
52b8da4e014ba69828d62e8463bc95432418d40d2350fe26a82d08081c6b1f60
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55e013cc5b51558d5da65677f12067d523a200d8e29243284131733340adeecd
57bcda2a9d92a692f9c1edccd79a4796bbf0b332a3db8efb74cb0cb0942a838a
593f56bb9b00b639f6aadc57954f46080ce233d1bc01ef50f85720df619029f8
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5efce88ac7228ea159bcf7fd1cc56d73c19428394218706524bac0e9151d4c61
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5f972353442840a191a5f341fb188f1afd3521ee2df82f4244a5f8baff94ed6e
613c27d45e0551e5862b4bbbf3c6f5241f73bc472ff15e84492f9b4f6579c58b
61a2d2d9e72b541b52b029da2febf1203b443126b6cccbc4fa23a8718af52a3a
6759e1844268d4ab9f5c8a9c16c245b58c1b5cc8d8361ce751bf8902a0025293
692f218144b18d4f2c28c9d8d69385106263fb3239fd0ae2b42680202941ba0f
699713f69dbd2387b7c3b57204bcdc3d86d3ac350718a7ad65a5293e0d2c53eb
6a09ca406e89e7b1d3172741824df92d81eb000aa3241559c573f1bf17bc4899
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6fdd24bd96b3a482bc058d5c9bcfd6f1c664d91bbd47658d65ac5d852535f7fd
70c9b373b81d6e43a3479f52231ac50d2691fd9232042514159be5866a65e40f
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
7201c12b0e82cd05a60c412f53f98f37cfec9616ef61f6e34d7d3a5293e440a5
7223c0b2ffaafe54a5aa7784420e711a847bde036b3e8050c319e815a4b1aa33
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
756df835cdc3e6d51abfaa6f2cd0d48a3430e2bcc2c12566e06dc79f3ba4ff74
773a8f6755c75e51461fb4809413075f96342df2696625580b407967292d915c
779651bc146d489786b9b4ab590d2784547448e4b85cf1bb9036b31e404d1a37
7915f988d90a47aff5003835c6e0255c3cb35247762ff36f005e7f94d5e8fbbc
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7c142f741438550d5cad8e88b6b2952f8f256efda416f35e5a84dd2f6066144d
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7dc2bb5610d82601a0414021553c7a2e14376f3071e63e882c40717f37c72944
7df9f6033cb3c95840dc9a2c61de4d7c333a29fa6dd0758cb7f744b196be0157
81a0af4b719cd7130599920adcdb46c1baee5556a3bdac934cc13acab1da9d30
8207ade6f639887a7838b2903d39de1b3d21a327b031310555676d120e068b47
8271756d5397dd04fee9e7b5e9bb25a40b32102998938539946d9a006a0ec737
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e7b0edd83ba89635382f425dfdfd4e2dc0f4c43a059c41dce98cdb1048ab86
84decc00a588d65b9c7ae58a79d11fa6eb4a1ae0330a0e78097ef88599482168
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8735e4e8367f3114cc5979b4dc8dc2a40d6ca15be9532be0461ac8364a0359fb
8c13ac28c11e551e0f2a5a75cde96400e92cec10f23e4c08b42e45ee694532b7
8dc3a64dfe1f4987255d6091e5ecdd676796677818b52335637fdf7aad592b27
913dc724415e29cf3bac745a67ee897c6c2d7645c0a9be1005977d5469fe8a7d
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88
995e86d44aea36569709e1892a20daec975c7f7fb4378739f58eb47bb3d06614
9af807e6648c8beb1c42c4a15706766cc424d646f0e128ea5650050b79e8477f
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9fdc75d9b87e9b08d1e74e5b8394bce92d3afff32c6b34b337f3120860e548ea
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a17254417c7cf571e6b249cceea19081e5e2c079bfe78830375a5ecee085ccd5
a24dc262ca6db1017f88a6f18786dbb088dce4d06f65ed2b4b43cfd8d0cc618b
a5a00d86a6bf225bb3acdafa45e61eb222f5f7070bfef2c36ac7d8e169ec0767
a63faa208abb098d974347fa268d9022656e07323f10f590c3fc4b7072e9cd2b
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
bb54e94c545f03932d631cd985aff128d39396abed2de7cbb522b535493d0262
bb6ea628b1e8dce64046e499cbf511207790ffa4c7515396ce98e2dd9cebd8d9
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
be71c62688db7e5151d1761c79dcd53d442217130b8c0055879391368affa7f1
c23c7b5a64271af443cbff923966e7878bdbe67654ff666c1619e991be666775
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c60328c2a2fba270c2fc603e556bb6eb41d10cecac5941dfe54e0c071472cc78
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c673975b162d9f1e9568bf7ce27dc1fb7c3c81f055c052c230a5b7586f873fd9
c8fdd6c9e3e4037c2acc14556eaec13ae56b6812c43ffc61c667a347ce3ea3d9
d537c73a183af229ef7622aff821e6989b2af4aec2ec5c94b0feb880ccf9ff43
d5e4b2256e6c1a6e0d31f393d0422ad333d5e71e69c0d907cd85863cbffcdf28
d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c
d9576157078dda9a522dad222249eeec6e639a856351b9f09451163cec1828ff
db2af24bfef6358a1c62eb490dcef92470cfd816b84f7fac5c50ae79b1397f81
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0cba98ac99011f651af26cfd923aaa2e6da848c56a3578eb7a8c3d06d42ec12
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e20b0c0a2c1878b2a7a1806042a995bf0f84313444c19e223fc313a7100b3a99
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea55115014c6525fbcd9a649af5fd6f6308ddead86156213d48048748813f033
eb56f5fd1a0b7de8b7344bcaaf0e5c88001ebbf9c89ab9f8f27fced8ddd88b08
ec3873a49c77ec8a26f8c7a6f60eff1c0a7884459b5f8d2fcef28ef0ce271792
ed839d9fae4a8e722e9c408c2716a6f1eb789b99ef16722cd39ff4965749d8fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f76e86c6a29453f0e15e74069a1e105af353ff07abaf5b7fdbb599e7c3263741
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fc2c9a085383dfcf93ae2a711197cc7d4fd8526e0a55226b508045c9b7d51334
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

www.recordedfuture.com Open in urlscan Pro 104.20.0.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

191 Requests

99 %HTTPS

51 %IPv6

37 Domains

52 Subdomains

45 IPs

7 Countries

11245 kBTransfer

18336 kBSize

24 Cookies

32 Outgoing links

Page URL History

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.recordedfuture.com Open in urlscan Pro
104.20.0.126 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

99 %
HTTPS

51 %
IPv6

37
Domains

52
Subdomains

45
IPs

7
Countries

11245 kB
Transfer

18336 kB
Size

24
Cookies

191 HTTP transactions
13 data transactions