abnormalsecurity.com Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Submission: On December 06 via api (December 6th 2023, 2:12:38 am UTC) from TR — Scanned from DE

Summary HTTP 152 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 22 domains to perform 152 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is abnormalsecurity.com. The Cisco Umbrella rank of the primary domain is 246827.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.

This is the only time abnormalsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
1	3.213.99.203 3.213.99.203	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:214... 2600:9000:214f:1000:3:eee:d40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:9b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
10	167.172.14.134 167.172.14.134	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
18	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:5400:1:57c7:dac0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	54.194.25.213 54.194.25.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:8200:d:1a25:7e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.238.156.227 44.238.156.227	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
16	99.80.207.12 99.80.207.12	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:8a00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.192.143 151.101.192.143	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1a32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2607:f5b7:1:5... 2607:f5b7:1:52::11	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	169.63.31.200 169.63.31.200	36351 (SOFTLAYER) (SOFTLAYER)
2	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2606:4700::68... 2606:4700::6810:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
152	29

49 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

abnormalsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.99.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-99-203.compute-1.amazonaws.com

abnormalsecurity.outgrow.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:1000:3:eee:d40:21 (United States)

ASN16509 (AMAZON-02, US)

dyv6f9ner1ir9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:9b5 (United States)

ASN13335 (CLOUDFLARENET, US)

optimise2.assets-servd.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 167.172.14.134 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cms.abnormalsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.outgrow.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5400:1:57c7:dac0:21 (United States)

ASN16509 (AMAZON-02, US)

dlvkyia8i4zmz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static.filestackapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.25.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-25-213.eu-west-1.compute.amazonaws.com

vitals.vercel-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:8200:d:1a25:7e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

site-assets.plasmic.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.156.227 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-156-227.us-west-2.compute.amazonaws.com

analytics.plasmic.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 99.80.207.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

api-n.outgrow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-live.outgrow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:8a00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.143 (United States)

ASN54113 (FASTLY, US)

s.swiftypecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a32 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f5b7:1:52::11 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

n2.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.63.31.200 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c8.1f.3fa9.ip4.static.sl-reverse.com

cc.swiftype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

maxst.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	abnormalsecurity.com abnormalsecurity.com — Cisco Umbrella Rank: 246827 cms.abnormalsecurity.com	2 MB
19	outgrow.us abnormalsecurity.outgrow.us cdn.outgrow.us — Cisco Umbrella Rank: 168331	896 KB
16	outgrow.co api-n.outgrow.co — Cisco Umbrella Rank: 175429 api-live.outgrow.co — Cisco Umbrella Rank: 263008	27 KB
13	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	42 KB
5	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4490 ws-assets.zoominfo.com — Cisco Umbrella Rank: 16106	29 KB
5	assets-servd.host optimise2.assets-servd.host — Cisco Umbrella Rank: 118536	3 KB
4	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 6553 n2.mouseflow.com — Cisco Umbrella Rank: 20415	59 KB
4	cloudfront.net dyv6f9ner1ir9.cloudfront.net dlvkyia8i4zmz.cloudfront.net	186 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 9404	3 KB
3	swiftypecdn.com s.swiftypecdn.com — Cisco Umbrella Rank: 11144	149 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	280 KB
2	icons8.com maxst.icons8.com — Cisco Umbrella Rank: 35542	112 KB
2	plasmic.app site-assets.plasmic.app — Cisco Umbrella Rank: 301739 analytics.plasmic.app — Cisco Umbrella Rank: 402725	1 KB
2	vercel-insights.com vitals.vercel-insights.com — Cisco Umbrella Rank: 10240	331 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	swiftype.com cc.swiftype.com — Cisco Umbrella Rank: 12090	279 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	455 B
1	osano.com cmp.osano.com — Cisco Umbrella Rank: 4989	60 KB
1	filestackapi.com static.filestackapi.com — Cisco Umbrella Rank: 18960	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	18 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	9 KB
1	gstatic.com fonts.gstatic.com	126 KB
152	22

	Domain	Requested by
49	abnormalsecurity.com	abnormalsecurity.com
18	cdn.outgrow.us	abnormalsecurity.outgrow.us cdn.outgrow.us
12	api-n.outgrow.co	cdn.outgrow.us
10	cms.abnormalsecurity.com	abnormalsecurity.com
9	www.google-analytics.com	abnormalsecurity.outgrow.us cmp.osano.com cdn.outgrow.us
5	optimise2.assets-servd.host	abnormalsecurity.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
4	api-live.outgrow.co	cdn.outgrow.us
4	region1.google-analytics.com	www.googletagmanager.com
3	n2.mouseflow.com	cdn.mouseflow.com
3	js.zi-scripts.com	cmp.osano.com js.zi-scripts.com
3	s.swiftypecdn.com	abnormalsecurity.com s.swiftypecdn.com cmp.osano.com
3	www.googletagmanager.com	abnormalsecurity.com cmp.osano.com cdn.outgrow.us
3	dyv6f9ner1ir9.cloudfront.net	abnormalsecurity.com cdn.outgrow.us
2	maxst.icons8.com	cdn.outgrow.us maxst.icons8.com
2	vitals.vercel-insights.com	abnormalsecurity.com
2	fonts.googleapis.com	abnormalsecurity.com client
1	ws-assets.zoominfo.com	cmp.osano.com
1	cc.swiftype.com
1	cdn.mouseflow.com	cmp.osano.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	cmp.osano.com	abnormalsecurity.com
1	analytics.plasmic.app	abnormalsecurity.com
1	site-assets.plasmic.app	abnormalsecurity.com
1	static.filestackapi.com	abnormalsecurity.outgrow.us
1	cdnjs.cloudflare.com	abnormalsecurity.outgrow.us
1	dlvkyia8i4zmz.cloudfront.net	abnormalsecurity.outgrow.us
1	cdn.jsdelivr.net	abnormalsecurity.outgrow.us
1	fonts.gstatic.com	fonts.googleapis.com
1	abnormalsecurity.outgrow.us	abnormalsecurity.com
152	30

This site contains links to these domains. Also see Links.

Domain
abnormalsupport.force.com
partners.abnormalsecurity.com
intelligence.abnormalsecurity.com
careers.abnormalsecurity.com
www.abnormalbusinessschool.com
abnormalsecurity.statuspage.io

Subject Issuer	Validity	Valid
abnormalsecurity.com R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.outgrow.us Sectigo RSA Organization Validation Secure Server CA	`2023-07-19` - `2024-08-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cms.abnormalsecurity.com R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
www.ewoud.dev GTS CA 1D4	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.filestackapi.com R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
vercel-insights.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-19`	a year	crt.sh
site-assets.plasmic.app Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
analytics.plasmic.app R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.outgrow.co Sectigo RSA Organization Validation Secure Server CA	`2023-07-20` - `2024-08-18`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
s.swiftypecdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.mouseflow.com Cloudflare Inc ECC CA-3	`2023-10-25` - `2024-10-23`	a year	crt.sh
zi-scripts.com GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-28` - `2024-09-27`	a year	crt.sh
*.swiftype.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-21` - `2024-07-14`	a year	crt.sh
1454623486.rsc.cdn77.org R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Frame ID: 0A2868C48C39BD27B8880B91065524D0
Requests: 95 HTTP requests in this frame

Frame: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f
Frame ID: A36DBB33D6EE4D7F97A11BABB21F2A18
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Disney+ Impersonated in Personalized Multi-Stage Email… | Abnormal

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

math.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

math(?:\.min)?\.js

Page Statistics

152
Requests

98 %
HTTPS

61 %
IPv6

22
Domains

30
Subdomains

29
IPs

3
Countries

4097 kB
Transfer

15666 kB
Size

13
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://abnormalsupport.force.com/knowledgebase/s/
Title: Support Portal

Search URL Search Domain Scan URL

URL: https://partners.abnormalsecurity.com/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://partners.abnormalsecurity.com/English/register_email.aspx
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://intelligence.abnormalsecurity.com/
Title: Abnormal Intelligence

Search URL Search Domain Scan URL

URL: https://careers.abnormalsecurity.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.abnormalbusinessschool.com/
Title: Business School

Search URL Search Domain Scan URL

URL: https://abnormalsecurity.statuspage.io/
Title: Status

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

152 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request disney-plus-attack-personalized-attachments Show response
abnormalsecurity.com/blog/ 648 KB
149 KB 213ms
109ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

87527af55b597d9255b785b55406fd62a7395698c1bc9c3c7c9f36e2f53a3abe

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type
age: 218
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
content-encoding: br
content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 02:08:49 GMT
etag: W/"pl5enj6v8ae7vs"
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
referrer-policy: same-origin
server: Vercel
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-matched-path: /blog/[slug]
x-powered-by: Next.js
x-vercel-cache: HIT
x-vercel-id: fra1::sfo1::pw5sn-1701828748631-14a614109005
x-xss-protection: 1

GET
H2 200 df330d0e494711a3.css
abnormalsecurity.com/_next/static/css/ 96 KB
20 KB 52ms
51ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5dd02f5cc67c28e8dc57dc2a3393f9fb006958ce255160d65243bf380380d9f1

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="df330d0e494711a3.css"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::qss7l-1701828748746-636e32a1796f
x-matched-path: /_next/static/css/df330d0e494711a3.css
etag: W/"09d0404a73a18e9a347548edd44e084e"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 webpack-0187382501196b6a.js Show response
abnormalsecurity.com/_next/static/chunks/ 5 KB
3 KB 52ms
52ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/webpack-0187382501196b6a.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e847afdbb56241b07a24ffe26b17156d6f382d13d0c2bc2c41cc29f0362e7e95

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="webpack-0187382501196b6a.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::wlrmw-1701828748747-dca530e2cbd6
x-matched-path: /_next/static/chunks/webpack-0187382501196b6a.js
etag: W/"d51bdd69824509df128dea39d4f3ec18"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 framework-693772c16cf05a93.js Show response
abnormalsecurity.com/_next/static/chunks/ 206 KB
60 KB 46ms
43ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/framework-693772c16cf05a93.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2e6a2c1bc8bede40932a487f4c4057ba8871fd4ff7358040f06313d63b210e61

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381741
content-disposition: inline; filename="framework-693772c16cf05a93.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::qss7l-1701828748767-866397eca531
x-matched-path: /_next/static/chunks/framework-693772c16cf05a93.js
etag: W/"1b4975da8bcf871b39d7f12199a7e42d"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 main-24417d37015463b1.js Show response
abnormalsecurity.com/_next/static/chunks/ 100 KB
32 KB 47ms
43ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3a8b32b8d2ff683f19a3f3a5f0aa6b7351a811a2830ebc43d59fcf3095c4e53

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="main-24417d37015463b1.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::wlrmw-1701828748767-525f2306d85f
x-matched-path: /_next/static/chunks/main-24417d37015463b1.js
etag: W/"d095011b6366427ecc3e2f7700b3d90e"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 _app-52b0f829b69ffc66.js Show response
abnormalsecurity.com/_next/static/chunks/pages/ 1 MB
302 KB 62ms
59ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/_app-52b0f829b69ffc66.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9e44ffac0553772ec3307c835eade6ee5e0958f0da974ed464312eeafd37a4fe

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="_app-52b0f829b69ffc66.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::982b7-1701828748767-a149ae7d5809
x-matched-path: /_next/static/chunks/pages/_app-52b0f829b69ffc66.js
etag: W/"2469c4f1c150308bd43213ec348be037"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 2edb282b-f81471e903dfd1cd.js Show response
abnormalsecurity.com/_next/static/chunks/ 68 KB
26 KB 66ms
63ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/2edb282b-f81471e903dfd1cd.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

62c6cb71f33e94e6ead3bc223297ef4d65e204900f2b56e81f4916b6c9911486

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="2edb282b-f81471e903dfd1cd.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::fmhww-1701828748767-4c3eb465dc2a
x-matched-path: /_next/static/chunks/2edb282b-f81471e903dfd1cd.js
etag: W/"650a06501e32aa366c48d74a85358b4b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 4372-c042718d761c6fb9.js Show response
abnormalsecurity.com/_next/static/chunks/ 31 KB
10 KB 65ms
61ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/4372-c042718d761c6fb9.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bce9313c9fba0f077c5b70a3cf5df5eb51580292809ad50acb54f0a40b94b78f

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="4372-c042718d761c6fb9.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::cv6sb-1701828748767-283667d58c26
x-matched-path: /_next/static/chunks/4372-c042718d761c6fb9.js
etag: W/"aae74e8928c0ced31f1cf6c496e2b51b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 7175-16c9b2ac211f2e95.js Show response
abnormalsecurity.com/_next/static/chunks/ 198 KB
62 KB 120ms
117ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/7175-16c9b2ac211f2e95.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6fd7603b0a800befb6fed859d89424472042b5284987e0deb43edf0ed1c2301b

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="7175-16c9b2ac211f2e95.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::fmhww-1701828748773-b1cb8f03291a
x-matched-path: /_next/static/chunks/7175-16c9b2ac211f2e95.js
etag: W/"4a0462bb9c3e258b0675b5398cc98443"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 5489-881861585d3b02e5.js Show response
abnormalsecurity.com/_next/static/chunks/ 109 KB
39 KB 48ms
45ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5489-881861585d3b02e5.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

20d796eaa672b0783407a6454f67dca20dff2c468c694388e34fe6236f54b3ce

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="5489-881861585d3b02e5.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::2ffr9-1701828748767-bc780cfd63d8
x-matched-path: /_next/static/chunks/5489-881861585d3b02e5.js
etag: W/"5d3e703681ad6b5f3a1005542f09135e"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 5794-1c7aba968d50592a.js Show response
abnormalsecurity.com/_next/static/chunks/ 52 KB
16 KB 61ms
58ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5794-1c7aba968d50592a.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dac9e796332511e2efa1a6394bce92cbe494cf43e5f7cfdde89326f04c914a31

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="5794-1c7aba968d50592a.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::pw5sn-1701828748767-49842020165e
x-matched-path: /_next/static/chunks/5794-1c7aba968d50592a.js
etag: W/"ba7e0766e34bfcca1ffb30f3ef464db2"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 8988-8bafa0a34afec0d9.js Show response
abnormalsecurity.com/_next/static/chunks/ 8 KB
3 KB 67ms
64ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/8988-8bafa0a34afec0d9.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f677aee0f89928c0e141a63fb9fd7bddf14c809d91852e51a9d877f09bbcc2b5

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="8988-8bafa0a34afec0d9.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::2ffr9-1701828748773-c1e801e2da53
x-matched-path: /_next/static/chunks/8988-8bafa0a34afec0d9.js
etag: W/"b1f0049086d8c05365cd3adc0d4cbf87"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 6204-5990cfaebd10feef.js Show response
abnormalsecurity.com/_next/static/chunks/ 50 KB
17 KB 74ms
71ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/6204-5990cfaebd10feef.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

155de0c1ae374d28c60207ec2a7bf7b81a921ab1acfcf41ea82efe9b19494edc

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="6204-5990cfaebd10feef.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::wlrmw-1701828748773-59808b5f85c3
x-matched-path: /_next/static/chunks/6204-5990cfaebd10feef.js
etag: W/"6eb1d7fc2033f08dd2ff610da03248fc"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 1314-bd66c84e488f74a7.js Show response
abnormalsecurity.com/_next/static/chunks/ 9 KB
4 KB 74ms
72ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/1314-bd66c84e488f74a7.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fc6a2c575905dc725a5a35bbc86cd3cd1a84f9c1fe63ed6207340fae95642585

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="1314-bd66c84e488f74a7.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::qss7l-1701828748773-71e00dcbb5fc
x-matched-path: /_next/static/chunks/1314-bd66c84e488f74a7.js
etag: W/"17cde2afcc12987b73da536deac33b7b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 1485-3f343ac4590755dd.js Show response
abnormalsecurity.com/_next/static/chunks/ 12 KB
5 KB 90ms
88ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/1485-3f343ac4590755dd.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3a8065364d42327bd2aafa0c605c23593534f7a3e51ad77ea8a3ba142e7d219a

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 93361
content-disposition: inline; filename="1485-3f343ac4590755dd.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::pw5sn-1701828748773-11d283b9bf0b
x-matched-path: /_next/static/chunks/1485-3f343ac4590755dd.js
etag: W/"8de48a30c71860dad81f29d6f1faff63"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 6634-e8dfc0b88aa41609.js Show response
abnormalsecurity.com/_next/static/chunks/ 46 KB
18 KB 102ms
100ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/6634-e8dfc0b88aa41609.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0b0d5e258caa63b6b4d94b077e65c92540ad7c314a26df07808b21db086e160e

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="6634-e8dfc0b88aa41609.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sdvgl-1701828748773-044588bca397
x-matched-path: /_next/static/chunks/6634-e8dfc0b88aa41609.js
etag: W/"a3c66bc332d9604f1aea385fc8a6d9bd"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 4992-c823bd6b9b153adb.js Show response
abnormalsecurity.com/_next/static/chunks/ 51 KB
19 KB 105ms
102ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/4992-c823bd6b9b153adb.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8c13eda964acfa7ccb50d6bdd5e8f739311aca336c98bbe88d657593a99095e6

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 119187
content-disposition: inline; filename="4992-c823bd6b9b153adb.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::2g29n-1701828748773-b7d40b36df65
x-matched-path: /_next/static/chunks/4992-c823bd6b9b153adb.js
etag: W/"8b520f9cddea4bf0a53e007acf2c7edc"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 4319-094c2c0c636d1932.js Show response
abnormalsecurity.com/_next/static/chunks/ 8 KB
4 KB 134ms
132ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/4319-094c2c0c636d1932.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

01535b7e497d6d64f46ab380e02e664b0eda364319ae6692de0086ab8bfc433f

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="4319-094c2c0c636d1932.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::wr6lw-1701828748773-4baa3a94f69f
x-matched-path: /_next/static/chunks/4319-094c2c0c636d1932.js
etag: W/"28adc5847d13e5d405b0b645ff24e75f"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 2038-89c1156bb115387f.js Show response
abnormalsecurity.com/_next/static/chunks/ 11 KB
5 KB 130ms
128ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/2038-89c1156bb115387f.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6bbbee5d3aeae0ace0ce86fd562c6eafc34ab6645f921ab2cf176ef2ae48ab1c

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381741
content-disposition: inline; filename="2038-89c1156bb115387f.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::vpxgs-1701828748773-29e9375df859
x-matched-path: /_next/static/chunks/2038-89c1156bb115387f.js
etag: W/"e6da8e74112140ed849f862d78d23af0"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 4289-37fefb9c5b6e521f.js Show response
abnormalsecurity.com/_next/static/chunks/ 16 KB
5 KB 89ms
87ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/4289-37fefb9c5b6e521f.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

935a1bc15e39837f2e82738f1db46627b4795e62aa80c827ae3dd70a2161a971

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="4289-37fefb9c5b6e521f.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::cv6sb-1701828748774-422a5a645091
x-matched-path: /_next/static/chunks/4289-37fefb9c5b6e521f.js
etag: W/"a434927efd066736faf00a90fefca84b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 3936-cbb5c8afcffa58d0.js Show response
abnormalsecurity.com/_next/static/chunks/ 21 KB
7 KB 102ms
100ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3936-cbb5c8afcffa58d0.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

96e1863c4adb1b1458836f4c2345f2f1db8b9a0b1ecefbd7098248e9fecb890b

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="3936-cbb5c8afcffa58d0.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sm2m4-1701828748773-2521d64bd071
x-matched-path: /_next/static/chunks/3936-cbb5c8afcffa58d0.js
etag: W/"f6a65b84729e0d33175e4b24a369ce7b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 3836-0511478eee7041d0.js Show response
abnormalsecurity.com/_next/static/chunks/ 98 KB
24 KB 103ms
102ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3836-0511478eee7041d0.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5bae2fc4328f041d72d67e57f4d3fbcbef4db302d13eda7b897a405c7c1f9d2c

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="3836-0511478eee7041d0.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::w7c6b-1701828748773-c70a509d3b42
x-matched-path: /_next/static/chunks/3836-0511478eee7041d0.js
etag: W/"2754b733fd2ff5b17ff9a8abc10d8e40"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 %5Bslug%5D-e78b1ebf55f54ce1.js Show response
abnormalsecurity.com/_next/static/chunks/pages/blog/ 16 KB
6 KB 103ms
101ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/blog/%5Bslug%5D-e78b1ebf55f54ce1.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

da43716540586a07d1aed9c08dac27b2c523c5bcffa64aa93266f35017945dce

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="[slug]-e78b1ebf55f54ce1.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::l27x7-1701828748774-32ffda9785c7
x-matched-path: /_next/static/chunks/pages/blog/%5Bslug%5D-e78b1ebf55f54ce1.js
etag: W/"d068153d394209d9ed812459236b1e47"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 _buildManifest.js Show response
abnormalsecurity.com/_next/static/LyB3J0NNfEmuU-GqliHGn/ 7 KB
2 KB 102ms
101ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/LyB3J0NNfEmuU-GqliHGn/_buildManifest.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

342cf83f17c8eb1ab0204c695e7db37665a9c055956eabf58923f26cb36bff2b

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="_buildManifest.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::4pmgr-1701828748774-f0b03e5963fb
x-matched-path: /_next/static/LyB3J0NNfEmuU-GqliHGn/_buildManifest.js
etag: W/"22c2cfff1459af3f87c90661a0600444"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 _ssgManifest.js Show response
abnormalsecurity.com/_next/static/LyB3J0NNfEmuU-GqliHGn/ 1 KB
541 B 103ms
102ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/LyB3J0NNfEmuU-GqliHGn/_ssgManifest.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

815755b9ab99608198875734c24bfe4c2e26cbcd6811caae13ad8a8500c19fd1

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:28 GMT
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="_ssgManifest.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::2g29n-1701828748773-6bb7dd0a7760
x-matched-path: /_next/static/LyB3J0NNfEmuU-GqliHGn/_ssgManifest.js
etag: W/"21a8968b1b5dd8a98ebe5151fcc0348a"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 64e37afea593954b6e60f08f Show response
abnormalsecurity.outgrow.us/ Frame A36D 6 KB
7 KB 364ms
120ms Document
text/html 3.213.99.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.99.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-99-203.compute-1.amazonaws.com

Software

Apache/2.4.58 () OpenSSL/1.0.2k-fips /

Resource Hash

1de51e11cd28b2312db92f436602c23d6db8891a22d8cf87395b51c124799c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=600
content-length: 6614
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:12:29 GMT
etag: "19d6-60aa6e5972240"
expires: Wed, 06 Dec 2023 02:22:29 GMT
last-modified: Tue, 21 Nov 2023 10:16:33 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=63072000; includeSubdomains;preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0132cf0dae0361cd4feca1b230ee0655f885036718e51f479fa5d128a4e4107

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 chatV2.css
dyv6f9ner1ir9.cloudfront.net/assets/css/shared/ 8 KB
2 KB 149ms
40ms Stylesheet
text/css 2600:9000:214f:1000:3:eee:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dyv6f9ner1ir9.cloudfront.net/assets/css/shared/chatV2.css

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:1000:3:eee:d40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ad567b1d6b357690a4aad1a0a76618c552cc0f90befc02200b5e0872c889d5a0

Security Headers

Name	Value
Content-Security-Policy	form-action 'self'; block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:49:45 GMT
content-encoding: br
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
content-security-policy: form-action 'self'; block-all-mixed-content
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA53-C1
age: 85746
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
referrer-policy: same-origin
last-modified: Tue, 07 Nov 2023 08:35:46 GMT
server: AmazonS3
etag: W/"dd55910e9135810e13bc857aaaa0085b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31622400
permissions-policy: interest-cohort=()
x-amz-cf-id: Q_h2vUhP0QHCJbV561jJtpG5HyILAbY7Lk6Eui0YrSYjdUEpKI-YIA==

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 136ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 02:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:12:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 02:12:28 GMT

GET
H2 200 Disney-Attack-%E2%80%93-Emails.png
optimise2.assets-servd.host/gifted-zorilla/production/images/blog/ 342 B
896 B 183ms
89ms Image
image/jpeg 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/gifted-zorilla/production/images/blog/Disney-Attack-%E2%80%93-Emails.png?w=10&h=10&q=80&fm=jpg&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&dm=1701734218&s=794369faa8153c2b1a7753834f412a44
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9607fdce53340e77e542e38371a63639dd7cf8e7f63a99a2b7b7d76357776a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Wed, 06 Dec 2023 02:12:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8RItcLSx0Mj0nPsATFSEV5rUYSEMn7j%2Brz61CYdrc4evJRB48xYU9Hdwk4zey1UddMF6YLCjADENVRYD4zN0Qp0uRaGgP3Yh9n17TRNexffpKVw5SAPouNl51QSGBh6%2B9g8lvUCy5YKNfbZ%2B1fGhGrNgpYhAZOQPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
cross-origin-resource-policy: cross-origin
x-servd-hash: 50d0919eab09ac38400571c52ab5ef88
cf-ray: 831101125ef06ab9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 TWKEverett-Regular-web.woff2
abnormalsecurity.com/fonts/ 53 KB
54 KB 174ms
174ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-Regular-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

94de5c66331cd244e69ce3df84813f93c2213d748c7eefdbb20ac6e461faac0e

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
date: Wed, 06 Dec 2023 02:12:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="TWKEverett-Regular-web.woff2"
content-length: 54524
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::wr6lw-1701828749149-68fe5c637ef0
x-matched-path: /fonts/TWKEverett-Regular-web.woff2
etag: "f9a6c0ce187482f10a21a2d865025278"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 Disney-Attack-%E2%80%93-Invoices.png
optimise2.assets-servd.host/gifted-zorilla/production/images/blog/ 321 B
642 B 204ms
110ms Image
image/jpeg 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/gifted-zorilla/production/images/blog/Disney-Attack-%E2%80%93-Invoices.png?w=10&h=10&q=80&fm=jpg&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&dm=1701734226&s=786cabed24ad2816913ed3abba84e1fb
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0ff3254037219a70f66a3c2ea1acc1dc4296dee59fe36d0d94905823fafcc07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Wed, 06 Dec 2023 02:12:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWjWUhno7JtdeuoMHOaYMR%2FP%2Fu0PPIkvnQf24Ao4i2nk66g4pgjXjtXdM3DYykELNshIECNWWb2BElntpTmM9FSHbaseXB10wXWhbH7IcdYOYfWrv89eUAt7DMUpZH5mkOKkGQgzSEaopg%2Fo6lZ24aCeXhzAx7n6Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
cross-origin-resource-policy: cross-origin
x-servd-hash: 47b93362157a1c80042c1c444265002b
cf-ray: 831101125ef26ab9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 GeekSquadAttack_Email.png
optimise2.assets-servd.host/gifted-zorilla/production/images/blog/ 322 B
646 B 330ms
237ms Image
image/jpeg 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/gifted-zorilla/production/images/blog/GeekSquadAttack_Email.png?w=10&h=10&q=80&fm=jpg&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&dm=1701734232&s=f6f47e80a79b36677ea12929559e90d4
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c67697fa04c7729b54f7d6eb5118f10ded6e00004252d6d7f50c272cb79087f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Wed, 06 Dec 2023 02:12:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTZx6RJPJ3WL8Mi%2BJQvQo%2B7UiRNVGbSAREEbE19i8YD%2Fgt0FPN6bT0WSTqzRgvzQtTbDclNHNCbuDhzBghsP2cL%2BZDdqpbnMdiStzfZm1AsbQDFoJJ%2BGrafACKjRR4uUjXI5UfYcFpbNZJB5cdkE01ZW9Sq1oMnmaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
cross-origin-resource-policy: cross-origin
x-servd-hash: 110b52a7b0033b9c230311cd2866f1c3
cf-ray: 831101125ef16ab9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Disney-Attack-%E2%80%93-Emails-Sriram-Header.png
optimise2.assets-servd.host/gifted-zorilla/production/images/blog/ 323 B
647 B 198ms
106ms Image
image/jpeg 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/gifted-zorilla/production/images/blog/Disney-Attack-%E2%80%93-Emails-Sriram-Header.png?w=10&h=10&q=80&fm=jpg&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&dm=1701734661&s=1feb9fec0acf0ff517a1145558715a6e
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aba428766ca04308b63d28f673b0876fc42201e9b8874b98ec51a5b409fb1703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Wed, 06 Dec 2023 02:12:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVryRfUGSa%2FVPC5GuvMTgnARS64vJErtmGY349lyI9WTNxMVQXbWPGwBKrOMLfmE6A%2FOI0hyYrapNBUArF%2Fbv8htjMrB7bUv6tkbzniSaG1S%2FFjt8426HF5aYtoo8l8pODpRV2jjpkEXsMC9Ii10ITD71HZbBnDFTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
cross-origin-resource-policy: cross-origin
x-servd-hash: b5840f0d45dc3c817328d75a56f0bad5
cf-ray: 831101125ef36ab9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Disney-Attack-%E2%80%93-Emails-Matt-Header.png
optimise2.assets-servd.host/gifted-zorilla/production/images/blog/ 338 B
660 B 246ms
153ms Image
image/jpeg 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/gifted-zorilla/production/images/blog/Disney-Attack-%E2%80%93-Emails-Matt-Header.png?w=10&h=10&q=80&fm=jpg&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&dm=1701734659&s=f448733352f3d207cf568ec45c5c3337
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af1b80295a161720ac6c72c515e786af19893600052688e65d302aca8c182c09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Wed, 06 Dec 2023 02:12:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8aI1ecWBUWPmjbe2NloKhVQdGTw9M%2BLsLTncorcy72F7M6iG0ZdX2yfOxRyrR0z1LFCpdKu6yoqevCYsqX2y1JM8fJM6fuo1ukCnQy2yFrNoKE6ANGB4fKZY2S4bScGDurhJIJaYDu4%2B8Ybw%2BUTGGJcubWp%2BI68HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
cross-origin-resource-policy: cross-origin
x-servd-hash: 8653075f8f8d21a675a624098586045a
cf-ray: 831101125ef46ab9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:08:20 GMT
x-content-type-options: nosniff
age: 367449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 20:08:20 GMT

GET
H2 200 TWKEverett-RegularItalic-web.woff2
abnormalsecurity.com/fonts/ 55 KB
56 KB 47ms
47ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-RegularItalic-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c642fb6f2230d36e74e53ca1e6e432da853f8ac7e9a1cb04f94dd6c31b50a4d3

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
date: Wed, 06 Dec 2023 02:12:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 381740
content-disposition: inline; filename="TWKEverett-RegularItalic-web.woff2"
content-length: 56704
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::bxdqn-1701828749085-50034a432c7e
x-matched-path: /fonts/TWKEverett-RegularItalic-web.woff2
etag: "1e8e3568add262c0f802778b4b5dafce"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 TWKEverett-BoldItalic-web.woff2
abnormalsecurity.com/fonts/ 63 KB
63 KB 44ms
44ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-BoldItalic-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fcd5fc46e77728b0e5da04b51d40abd649eabcf637eb29ef884f668a52164d57

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
date: Wed, 06 Dec 2023 02:12:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 370593
content-disposition: inline; filename="TWKEverett-BoldItalic-web.woff2"
content-length: 64112
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::982b7-1701828749085-09d59ad104a7
x-matched-path: /fonts/TWKEverett-BoldItalic-web.woff2
etag: "4291e56bdaa232615ce51b3d3b67fb2d"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 TWKEverett-Bold-web.woff2
abnormalsecurity.com/fonts/ 60 KB
60 KB 44ms
44ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-Bold-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4a6588416e2d67985b8e7595c5ae89d32b3176197566f8e256a1bc8d75e26b32

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
date: Wed, 06 Dec 2023 02:12:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 381819
content-disposition: inline; filename="TWKEverett-Bold-web.woff2"
content-length: 61376
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::bxdqn-1701828749092-f65528b36a33
x-matched-path: /fonts/TWKEverett-Bold-web.woff2
etag: "5c80ceb188e4930bccf3be1166b8f115"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 image
abnormalsecurity.com/_next/ 4 KB
4 KB 43ms
42ms Image
image/avif 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/_next/image?url=https%3A%2F%2Foptimise2.assets-servd.host%2Fgifted-zorilla%2Fproduction%2Fimages%2Fblog%2Fauthor-mike-britton.png%3Fw%3D30%26h%3D30%26auto%3Dcompress%252Cformat%26fit%3Dcrop%26dm%3D1675097633%26s%3Da41db20d07e66478a0bb222ab6994419&w=90&q=75

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3e8c8ce8d9b11dbfe75e3e449d459dd6a14a53fc787de6dd54496c0ef11bd5a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Wed, 15 Nov 2023 02:13:18 GMT
strict-transport-security: max-age=63072000
age: 1814350
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="author-mike-britton.avif"
content-length: 3677
last-modified: Wed, 15 Nov 2023 02:13:18 GMT
server: Vercel
x-vercel-id: fra1::fmhww-1701828749097-b4ceca91c78f
x-vercel-cache: HIT
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2073600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 image
abnormalsecurity.com/_next/ 7 KB
7 KB 43ms
43ms Image
image/avif 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/_next/image?url=https%3A%2F%2Foptimise2.assets-servd.host%2Fgifted-zorilla%2Fproduction%2Fimages%2Fblog%2FB-Disney-Attack-Blog.png%3Fw%3D760%26h%3D760%26q%3D80%26fm%3Djpg%26fit%3Dcrop%26crop%3Dfocalpoint%26fp-x%3D0.5%26fp-y%3D0.5%26dm%3D1701728411%26s%3D8041e672b5d5234ce6950e037a0bf859&w=380&q=75

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1d4911b8708ddf21478e87516ad41a692c616125f81700ff7eaf0d055506c8a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Tue, 05 Dec 2023 10:34:58 GMT
strict-transport-security: max-age=63072000
age: 56250
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="B-Disney-Attack-Blog.avif"
content-length: 6763
last-modified: Tue, 05 Dec 2023 10:34:58 GMT
server: Vercel
x-vercel-id: fra1::2g29n-1701828749097-f65e2b99e1b2
x-vercel-cache: HIT
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2073600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 554ms
189ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 209ms
209ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/7175-16c9b2ac211f2e95.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

GET
H2 200 script.js Show response
abnormalsecurity.com/_vercel/insights/ 2 KB
1 KB 46ms
46ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_vercel/insights/script.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-52b0f829b69ffc66.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e6dda910a194774dd2cdde20e20b0519c9116e6712bdf02c05838fe5bc92d128

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::fmhww-1701828749163-3ddbe5905cb3
age: 53
etag: W/"a574ea47f86676c5c2fdc001cf40806e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="script.js"

GET
H2 200 bootstrap.min.css
cdn.outgrow.us/assets/css/shared/ Frame A36D 118 KB
16 KB 145ms
41ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/css/shared/bootstrap.min.css

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

49486fb624bd05fb1ef21c3ba7c375bfc893034458b8330c5472b381ce21cea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16074
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230025-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828749.288860,VS0,VE1
etag: "79382494882cfee6696fdd420c9898ff2278e369633d90e9f7a4e8600f597bcc-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jquery.min.js Show response
cdn.outgrow.us/assets/js/ Frame A36D 84 KB
27 KB 144ms
40ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/js/jquery.min.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26924
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230025-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828749.289117,VS0,VE1
etag: "a34f05ebcf2a3dd89b7da3636523f954e9e2f2b078ba512870a4aa90eb8fe4be-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 handsontable.full.min.css
cdn.jsdelivr.net/npm/handsontable@12.0/dist/ Frame A36D 37 KB
9 KB 131ms
47ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/handsontable@12.0/dist/handsontable.full.min.css

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d392de8e184fb7a20e74b3d9100c85ad80c44948185894b9f52e88924724225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3918
x-jsd-version: 12.0.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230128-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"92df-WpqL2FuRD7Gl+yZe1fniGbMQMpY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcKLQU0z1W2pYE%2FVJVN5N6H3bstQeJCOaPK4bCgu2wu%2F3VsBT4I%2BXlQ9s6ZI45BoxnC7X%2F%2F6r7gdV4qNqXDGXFGPo3X1wgFcsX5IuHSepPoTs7n3bk8tPSQb2lGJd7WYL37xCrtjO1h7jmYn%2FMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83110112eb911b35-FRA

GET
H2 200 styles.31d6cfe0d16ae931b73c.css
cdn.outgrow.us/ Frame A36D 0
110 B 145ms
41ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/styles.31d6cfe0d16ae931b73c.css

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
date: Wed, 06 Dec 2023 02:12:29 GMT
x-content-type-options: nosniff
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230025-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828749.289128,VS0,VE1
etag: "f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec"
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 65cWdRURGyuAMNnIltNw_og_logo.png
dlvkyia8i4zmz.cloudfront.net/ Frame A36D 1 KB
2 KB 136ms
34ms Image
image/png 2600:9000:223c:5400:1:57c7:dac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlvkyia8i4zmz.cloudfront.net/65cWdRURGyuAMNnIltNw_og_logo.png

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:5400:1:57c7:dac0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e12b9fe62d0f82f3731ab55c398ae09def0d738416247e3e16dd19b6d1594f8

Security Headers

Name	Value
Content-Security-Policy	form-action 'self'; block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 08:57:34 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
content-security-policy: form-action 'self'; block-all-mixed-content
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 839696
x-cache: Hit from cloudfront
content-length: 1525
referrer-policy: same-origin
last-modified: Tue, 16 Mar 2021 10:37:11 GMT
server: AmazonS3
etag: "5528f7af37c18bcc67be36c5901d42cc"
content-type: image/png
cache-control: public, max-age=31622400
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: HVIxYmjV-LfOQHUktR7Wt3QA4cngYwjAUafInhlp-6Zu80Gqap866A==

GET
H2 200 bootstrap.min.js Show response
cdn.outgrow.us/assets/js/ Frame A36D 36 KB
9 KB 42ms
41ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/js/bootstrap.min.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8653
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230025-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828749.376733,VS0,VE1
etag: "25723d427bb9af0ca520667f115a1034b89ed2cbb5cb17124ddce4fcb5ce686c-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.14.1/ Frame A36D 57 KB
18 KB 130ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.14.1/moment.min.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1298282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18032
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-e53e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQ9R%2BcOocrxtopZHRED4B3fDMIH8RVZ5FiHuh%2FEPIvJFjH4XAC3k2CTQjbfIbO09c7S1spoGyIPjO8A8BVUJSnFw4FXVSDx28ne8GDRUvArTdHyZrCbayjot2CzjrQeFfW4hattJVd%2FfMo5jf%2BmZRTej"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8311011439bf1e68-FRA
expires: Mon, 25 Nov 2024 02:12:29 GMT

GET
H2 200 filestack.js Show response
static.filestackapi.com/v3/ Frame A36D 104 KB
30 KB 154ms
39ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filestackapi.com/v3/filestack.js
Requested by: Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f1bf8dac3f25110d991fa77fc2668d67f0f88e89771a539ee50db3b4b4d563d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: FP6A6RM1M5MHT96H
age: 78395
x-cache: HIT
content-length: 30471
x-amz-id-2: T+97D1hxCxn2kMQw0qe01+FMoU9EQrSAHWkYrK6PYQDbuWEmb/aZEPOUvs04LtrlxNfT4n/wmwA=
x-served-by: cache-fra-etou8220118-FRA
last-modified: Fri, 18 May 2018 20:03:25 GMT
x-timer: S1701828750.504850,VS0,VE0
etag: "f13ab0f0db3e033473cd5ef24bf3a7b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 runtime-es2015.8c3318c93d869574f424.js Show response
cdn.outgrow.us/ Frame A36D 4 KB
2 KB 150ms
47ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/runtime-es2015.8c3318c93d869574f424.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e2e31bd8af29880c37843f71680a559f9de7b5941affc1f4393deb48053c660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abnormalsecurity.outgrow.us/
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1894
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230023-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828749.289242,VS0,VE0
etag: "daa4ed97eb14db84bab9363ac33d26edb2fa27c126cbc55204c9f017b258b06d-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 polyfills-es2015.777b39586274a08d5f72.js Show response
cdn.outgrow.us/ Frame A36D 44 KB
13 KB 143ms
39ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1be6617ba107f1e96bcd79ac78ab26e281b1f1b2bda9a46f4d39e241b8ed829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abnormalsecurity.outgrow.us/
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13275
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230023-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828749.288993,VS0,VE0
etag: "4bd5c12290c4509969ea72c66b66c17884ac60c25e6c59179ccd9de33edf8db5-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 35250

GET
H2 200 main-es2015.94837350ae1c70fb2fcc.js Show response
cdn.outgrow.us/ Frame A36D 1012 KB
188 KB 151ms
48ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/main-es2015.94837350ae1c70fb2fcc.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

31814f314b7540fefc40d2bba5c0c5ae16ee0e5128dfe6a4bee4da5c7d69e570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abnormalsecurity.outgrow.us/
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 191983
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230023-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828749.289291,VS0,VE1
etag: "21734d9b14eee009257032b79dedca577a2fc77654b0fc38894bfccf2d69eae4-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
166 B 174ms
57ms Ping
text/plain 54.194.25.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.25.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-25-213.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 451ms
156ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 197ms
195ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/7175-16c9b2ac211f2e95.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
661 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inconsolata%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6dea60f79962ab2bff00343db7d9ab8dd9d8c442c94328ffe1e395a9fa81ef1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:12:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 02:12:29 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86027890704f9d2d32b7ceb1f4e25cfe75e7f7d96e6b2a061c9989c9e42f51e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 5b44b2eaae896b504d4f83df72a96cba.svg
site-assets.plasmic.app/ 3 KB
1008 B 220ms
57ms Image
image/svg+xml 2600:9000:2127:8200:d:1a25:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site-assets.plasmic.app/5b44b2eaae896b504d4f83df72a96cba.svg
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8200:d:1a25:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac4e49ff0d6f85af4ad5d6694a17031c7f32c9209c771c5c8ddb8f020888e3b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 11:08:19 GMT
x-amz-version-id: UEf87VnS1C0wPqysr3re_lXo60gy5TJO
content-encoding: gzip
via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 6275051
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 19 Apr 2023 18:16:05 GMT
server: AmazonS3
etag: W/"5b44b2eaae896b504d4f83df72a96cba"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: max-age=3600, s-maxage=31536000
x-robots-tag: noindex
x-amz-cf-id: tTqqu6heqsyI7M6AuCUqbcW78nyeGxqQiSCDufQZhSFpFZmwqBCwyw==

POST
H2 200 capture Show response
analytics.plasmic.app/ 13 B
359 B 685ms
221ms Fetch
application/json 44.238.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.plasmic.app/capture

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-52b0f829b69ffc66.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.238.156.227 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-156-227.us-west-2.compute.amazonaws.com

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://abnormalsecurity.com
vary: Cookie
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
content-length: 13

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 347ms
157ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 212ms
211ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/7175-16c9b2ac211f2e95.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

GET
H2 200 image
abnormalsecurity.com/_next/ 97 KB
97 KB 43ms
43ms Image
image/avif 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/_next/image?url=https%3A%2F%2Foptimise2.assets-servd.host%2Fgifted-zorilla%2Fproduction%2Fimages%2Fblog%2FDisney-Attack-%25E2%2580%2593-Emails.png%3Fw%3D1536%26h%3D1584%26auto%3Dcompress%252Cformat%26fit%3Dcrop%26dm%3D1701734218%26s%3D681ab9e2daf3f23c78c43962585de83b&w=828&q=75

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

51f8cce2415bd1c0b63d5767f6ec47ab050636b19788e53307ad37634507185e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Tue, 05 Dec 2023 11:07:23 GMT
strict-transport-security: max-age=63072000
age: 54305
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="Disney-Attack-%E2%80%93-Emails.avif"
content-length: 99426
last-modified: Tue, 05 Dec 2023 11:07:21 GMT
server: Vercel
x-vercel-id: fra1::982b7-1701828749312-2261b82c5e8c
x-vercel-cache: HIT
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2073600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 index.json Show response
abnormalsecurity.com/_next/data/LyB3J0NNfEmuU-GqliHGn/ 868 KB
177 KB 76ms
65ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/LyB3J0NNfEmuU-GqliHGn/index.json

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

17986206616733c5e8427126a762d3753a07b7476dbdaa6f962b8f9c5da7b15c

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 01:46:24 GMT
strict-transport-security: max-age=63072000
age: 1564
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sfo1::2g29n-1701828749348-842941b8a543
x-matched-path: /_next/data/LyB3J0NNfEmuU-GqliHGn/[[...slug]].json
etag: W/"vcieom1fwnj252"
x-vercel-cache: STALE
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
x-nextjs-rewrite: /__pm__plasmic_seed=14
access-control-allow-headers: Content-Type

GET
H2 200 demo.json Show response
abnormalsecurity.com/_next/data/LyB3J0NNfEmuU-GqliHGn/ 809 KB
173 KB 77ms
66ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/LyB3J0NNfEmuU-GqliHGn/demo.json?slug=demo

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

85dd44a634e06acb6c41df4edc538e5157d337e29d4a55060ad6c195b4f593b9

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 01:21:25 GMT
strict-transport-security: max-age=63072000
age: 3063
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sfo1::w7c6b-1701828749348-f8f9d7324c2b
x-matched-path: /_next/data/LyB3J0NNfEmuU-GqliHGn/[[...slug]].json
etag: W/"2eml1klekqhr8o"
x-vercel-cache: STALE
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
x-nextjs-rewrite: /demo/__pm__plasmic_seed=7?slug=demo
access-control-allow-headers: Content-Type

GET
H2 200 mike-britton.json Show response
abnormalsecurity.com/_next/data/LyB3J0NNfEmuU-GqliHGn/blog/author/ 544 KB
132 KB 70ms
59ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/LyB3J0NNfEmuU-GqliHGn/blog/author/mike-britton.json?authorSlug=mike-britton

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b433634836f7e92dedc2fa24d703bd9d77a6e97b15546d40c0052e79e99c8f95

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 16:48:23 GMT
strict-transport-security: max-age=63072000
age: 33845
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sfo1::sm2m4-1701828749348-a9845de5dcf9
x-matched-path: /_next/data/LyB3J0NNfEmuU-GqliHGn/blog/author/[authorSlug].json
etag: W/"xnmled4gygbxeq"
x-vercel-cache: STALE
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 demo.json Show response
abnormalsecurity.com/_next/data/LyB3J0NNfEmuU-GqliHGn/ 809 KB
174 KB 269ms
258ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/LyB3J0NNfEmuU-GqliHGn/demo.json

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

85dd44a634e06acb6c41df4edc538e5157d337e29d4a55060ad6c195b4f593b9

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 21:54:13 GMT
strict-transport-security: max-age=63072000
age: 15495
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sfo1::l27x7-1701828749348-610348855bb8
x-matched-path: /_next/data/LyB3J0NNfEmuU-GqliHGn/[[...slug]].json
etag: W/"2eml1klekqhr8o"
x-vercel-cache: STALE
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
x-nextjs-rewrite: /demo/__pm__plasmic_seed=5
access-control-allow-headers: Content-Type

GET
H2 200 433-a8b4e647a06f5be2.js
abnormalsecurity.com/_next/static/chunks/ 0
35 KB 53ms
43ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/433-a8b4e647a06f5be2.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 381815
content-disposition: inline; filename="433-a8b4e647a06f5be2.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::4pmgr-1701828749348-68d16754e36b
x-matched-path: /_next/static/chunks/433-a8b4e647a06f5be2.js
etag: W/"b62da6e214b4679a06ae59f0f8f2ec4b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 9358-fc56e7c3ae1b37cd.js
abnormalsecurity.com/_next/static/chunks/ 0
6 KB 54ms
44ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/9358-fc56e7c3ae1b37cd.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 381815
content-disposition: inline; filename="9358-fc56e7c3ae1b37cd.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sdvgl-1701828749349-133ae86b621a
x-matched-path: /_next/static/chunks/9358-fc56e7c3ae1b37cd.js
etag: W/"994b4f9a3f78460ec7934fdaa90cad10"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 5192-851b443df02a86a5.js
abnormalsecurity.com/_next/static/chunks/ 0
31 KB 53ms
43ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5192-851b443df02a86a5.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 119187
content-disposition: inline; filename="5192-851b443df02a86a5.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::cv6sb-1701828749348-12b558861704
x-matched-path: /_next/static/chunks/5192-851b443df02a86a5.js
etag: W/"80ab974aa866e3bf543bd1c2f55c4f6c"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 %5B%5B...slug%5D%5D-e1426b9985c3ed60.js
abnormalsecurity.com/_next/static/chunks/pages/ 0
4 KB 58ms
48ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/%5B%5B...slug%5D%5D-e1426b9985c3ed60.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 381815
content-disposition: inline; filename="[[...slug]]-e1426b9985c3ed60.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::pw5sn-1701828749348-5e7b7fd93efb
x-matched-path: /_next/static/chunks/pages/%5B%5B...slug%5D%5D-e1426b9985c3ed60.js
etag: W/"76f25080fb22ebd122c0fc2ffa897017"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

POST
H2 200 view Show response
abnormalsecurity.com/_vercel/insights/ 2 B
202 B 145ms
144ms Fetch
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_vercel/insights/view

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_vercel/insights/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::pw5sn-1701828749357-bdae229e2d24
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8
cache-control: public, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
x-ratelimit-limit: 1000
x-ratelimit-reset: 60
content-length: 2

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 305ms
174ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 191ms
191ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/7175-16c9b2ac211f2e95.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 281ms
175ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 182ms
182ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/7175-16c9b2ac211f2e95.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A36D 52 KB
21 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 01:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1840
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Dec 2023 03:41:49 GMT

GET
H2 200 bootstrap.min.css
cdn.outgrow.us/assets/css/shared/ Frame A36D 118 KB
16 KB 42ms
39ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/css/shared/bootstrap.min.css

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

49486fb624bd05fb1ef21c3ba7c375bfc893034458b8330c5472b381ce21cea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16074
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230025-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828749.399135,VS0,VE0
etag: "79382494882cfee6696fdd420c9898ff2278e369633d90e9f7a4e8600f597bcc-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 433-a8b4e647a06f5be2.js Show response
abnormalsecurity.com/_next/static/chunks/ 108 KB
35 KB 49ms
43ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/433-a8b4e647a06f5be2.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2095fd0d234295ebaa974d78aa3b89cf7832d22f539626a2d788b28411aa32ed

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 381815
content-disposition: inline; filename="433-a8b4e647a06f5be2.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::pw5sn-1701828749423-0b48f215dd33
x-matched-path: /_next/static/chunks/433-a8b4e647a06f5be2.js
etag: W/"b62da6e214b4679a06ae59f0f8f2ec4b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 9358-fc56e7c3ae1b37cd.js Show response
abnormalsecurity.com/_next/static/chunks/ 17 KB
6 KB 48ms
42ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/9358-fc56e7c3ae1b37cd.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

157d48a8d90c0d76a7c4b55a11d8058770d75c47485e8a85d8932520d82fc9d2

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 381815
content-disposition: inline; filename="9358-fc56e7c3ae1b37cd.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::2g29n-1701828749423-accb8cf755a1
x-matched-path: /_next/static/chunks/9358-fc56e7c3ae1b37cd.js
etag: W/"994b4f9a3f78460ec7934fdaa90cad10"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 5192-851b443df02a86a5.js Show response
abnormalsecurity.com/_next/static/chunks/ 290 KB
30 KB 49ms
43ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5192-851b443df02a86a5.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0c028ce92935c3315fba24628513d2f7c0fb4c63daa77365e26c92b1d98511b0

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 380509
content-disposition: inline; filename="5192-851b443df02a86a5.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::w7c6b-1701828749423-47bc88445824
x-matched-path: /_next/static/chunks/5192-851b443df02a86a5.js
etag: W/"80ab974aa866e3bf543bd1c2f55c4f6c"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 %5B%5B...slug%5D%5D-e1426b9985c3ed60.js Show response
abnormalsecurity.com/_next/static/chunks/pages/ 9 KB
4 KB 47ms
41ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/%5B%5B...slug%5D%5D-e1426b9985c3ed60.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4158bb0b755e96a75cb4edf45e0edcec42f341386982f2d05f75b3e02ff39e86

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 381815
content-disposition: inline; filename="[[...slug]]-e1426b9985c3ed60.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sm2m4-1701828749423-1140993759c4
x-matched-path: /_next/static/chunks/pages/%5B%5B...slug%5D%5D-e1426b9985c3ed60.js
etag: W/"76f25080fb22ebd122c0fc2ffa897017"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 %5BauthorSlug%5D-19eb328cdca22587.js
abnormalsecurity.com/_next/static/chunks/pages/blog/author/ 0
6 KB 43ms
43ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/blog/author/%5BauthorSlug%5D-19eb328cdca22587.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 381739
content-disposition: inline; filename="[authorSlug]-19eb328cdca22587.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::w7c6b-1701828749430-ff7a1a00ecc6
x-matched-path: /_next/static/chunks/pages/blog/author/%5BauthorSlug%5D-19eb328cdca22587.js
etag: W/"5ae4167200888fd2804fa17e5c431134"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

OPTIONS
H2 204 abnormalsecurity
api-n.outgrow.co/api/v1/builder/get_company_calculator/64e37afea593954b6e60f08f/ Frame 0
0 203ms
66ms Preflight 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/builder/get_company_calculator/64e37afea593954b6e60f08f/abnormalsecurity

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Wed, 06 Dec 2023 02:12:29 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 abnormalsecurity Show response
api-n.outgrow.co/api/v1/builder/get_company_calculator/64e37afea593954b6e60f08f/ Frame A36D 155 KB
16 KB 515ms
406ms XHR
application/json 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/builder/get_company_calculator/64e37afea593954b6e60f08f/abnormalsecurity

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

a001a9e41dc38527f0a531d2ba65e11fad8492e0aa3ccabe65a909ecb74420af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-cache: Hit from cache
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"26cd7-OwCNnlXWkKrocq+daqa4EZKM3lA"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
165 B 62ms
60ms Ping
text/plain 54.194.25.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.25.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-25-213.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 200 %5BauthorSlug%5D-19eb328cdca22587.js Show response
abnormalsecurity.com/_next/static/chunks/pages/blog/author/ 17 KB
6 KB 51ms
50ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/blog/author/%5BauthorSlug%5D-19eb328cdca22587.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-24417d37015463b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a34223bc27e04af9df72c91f4cdc05c152274a1ffd13ff4ac1a61d3dc72ec170

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:29 GMT
strict-transport-security: max-age=63072000
age: 381739
content-disposition: inline; filename="[authorSlug]-19eb328cdca22587.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::2dl4d-1701828749574-86fa0535432e
x-matched-path: /_next/static/chunks/pages/blog/author/%5BauthorSlug%5D-19eb328cdca22587.js
etag: W/"5ae4167200888fd2804fa17e5c431134"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 osano.js Show response
cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/ 237 KB
60 KB 183ms
75ms Script
application/javascript 2600:9000:2127:8a00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:8a00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

58777e2b967af5cdf00a0715ef80c1e984c2e3bb56785f060b66f39f727c643c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:04:59 GMT
content-encoding: br
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: PRG50-C1
age: 450
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60947
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 18:38:53 GMT
server: CloudFront
etag: "53359b8e9d1895c11660356678f863aa"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: IJJ5tCny2hIeB0VMStUyv5VLISca14Ynfma3_v0tx1WnU6ZRLMONYg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 276 KB
96 KB 153ms
60ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69ad5049ec0eb71fbb42d330fdb54bbb52d9e828b0b18a346b6ad4a0fb7997ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97867
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 02:12:29 GMT

GET
H/1.1 200
OK st.js Show response
s.swiftypecdn.com/install/v2/ 416 KB
110 KB 150ms
43ms Script
text/javascript 151.101.192.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/install/v2/st.js
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d7c7930eb39d59cd8c2dc00652977da3ed72347e7cd465f7b540e10e2121c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:12:29 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 86
X-Cache: HIT
Connection: keep-alive
Content-Length: 112326
X-Served-By: cache-fra-eddf8230043-FRA
X-Timer: S1701828750.680581,VS0,VE1
ETag: "644bc37e-1b6c6"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, public, max-age=300, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 chatV2.js Show response
dyv6f9ner1ir9.cloudfront.net/assets/js/ 998 B
2 KB 43ms
43ms Script
text/javascript 2600:9000:214f:1000:3:eee:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dyv6f9ner1ir9.cloudfront.net/assets/js/chatV2.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:1000:3:eee:d40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

333d71153215f5f9299fa750c8b4b1e774e62f69ba13ee47e14d6385afcc69ec

Security Headers

Name	Value
Content-Security-Policy	form-action 'self'; block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:40:40 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
content-security-policy: form-action 'self'; block-all-mixed-content
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA53-C1
age: 67457
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 998
referrer-policy: same-origin
last-modified: Tue, 07 Nov 2023 08:37:04 GMT
server: AmazonS3
etag: "6e836226ec0cee4ccc1b1ef7c684584d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31622400
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: ERp79YKmDCpT0JOjE8VjXHhhCS3vBtD5Me3o3KcR3tnR08ZTr4WlVg==

GET
BLOB 200
OK e94e1537-46db-4e3b-bca8-ff5999fb7eae
https://abnormalsecurity.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://abnormalsecurity.com/e94e1537-46db-4e3b-bca8-ff5999fb7eae
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H/1.1 200
OK MPCTbKVvgW6arYio-yHr.json Show response
s.swiftypecdn.com/install/v2/config/ 19 KB
5 KB 128ms
39ms XHR
application/json 151.101.192.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://s.swiftypecdn.com/install/v2/config/MPCTbKVvgW6arYio-yHr.json

Requested by

Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.143 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e927d7fbd371b71537496dd2bc52f767f2e0f5c23e873075b367b8a5e7a26215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:12:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 varnish
X-Permitted-Cross-Domain-Policies: none
Age: 242
X-Cache: HIT
Connection: keep-alive
Content-Length: 4250
X-XSS-Protection: 1; mode=block
X-Request-Id: 4f9c54f8c993d567f6515b1e49ea117a
X-Served-By: cache-fra-eddf8230030-FRA
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 06 Jan 2023 17:39:17 GMT
X-Timer: S1701828750.965190,VS0,VE1
ETag: W/"41ea9ae29cb453065d6ee8ac2b35f23e"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding, Origin
Accept-Ranges: bytes
X-Cache-Hits: 1

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 173ms
76ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=11p1p1l1l5&rnd=1786262036.1701828750&url=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&dma_cps=sypham&dma=1&gtm=45He3bt0n815DSW3JCv830630196

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 55451921-8278-4244-87a2-1e0b878bdae0.js Show response
cdn.mouseflow.com/projects/ 195 KB
58 KB 144ms
52ms Script
application/javascript 2606:4700::6812:1a32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a3e1a9e456122f3da105a75c141cf5d6920a40c746b24df195795aaa2da6791

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 183684
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
x-mf-script-region: EU
last-modified: Sun, 26 Nov 2023 16:00:39 GMT
server: cloudflare
etag: W/"fc705cb38120da1:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 831101179c8d1e4f-FRA
expires: Thu, 07 Dec 2023 02:12:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
92 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F60FHP0104&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d1ab875cc75d5df5a5e9568956f339bcd10ad6e97dd96082f86c34c2fffc43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94585
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 02:12:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 01:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1840
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Dec 2023 03:41:49 GMT

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 231ms
159ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15ebddd8f42a017abf38230bbefe743a7a4daeeeec69785baf43ce930d3de6ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
x-amz-version-id: d0fvXwBE1KKHAVrX57LqVGhiliHVZHvh
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 16 Nov 2023 09:35:17 GMT
server: cloudflare
via: 1.1 2d4d085f20577a6aef404b4e48f97a1c.cloudfront.net (CloudFront)
x-amz-cf-pop: BAH53-C1
etag: W/"84c587b3edbc3a49ffac053ea2e2f6f6"
age: 86187
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cf-ray: 831101176f052675-TXL
x-amz-cf-id: HgP_N2z1TSWOrh4WJOngaxiWLgywS2z98MN3aaA8a6oJ2drR0vpQnA==

GET
H2 200 TWKEverett-Medium-web.woff2
abnormalsecurity.com/fonts/ 60 KB
60 KB 57ms
48ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-Medium-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d91033f65778252fc30b9aa96ff688f60a08c40cd89e947d795762b8da785d20

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/df330d0e494711a3.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
date: Wed, 06 Dec 2023 02:12:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 381816
content-disposition: inline; filename="TWKEverett-Medium-web.woff2"
content-length: 61120
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::pw5sn-1701828749967-8f30687629bf
x-matched-path: /fonts/TWKEverett-Medium-web.woff2
etag: "f31631e88d6dfd9860d1013e7d77dd05"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 44ms
44ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=584277893&t=pageview&_s=1&dl=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&ul=en-us&de=UTF-8&dt=Disney%2B%20Impersonated%20in%20Personalized%20Multi-Stage%20Email%E2%80%A6%20%7C%20Abnormal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEAAAAABAAAAAAAAIk~&cid=1275463924.1701828750&tid=UA-135379382-1&_gid=750748346.1701828750&gtm=45He3bt0n815DSW3JCv830630196&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&z=1716026138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 19:52:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22829
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 44ms
43ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=584277893&t=timing&_s=2&dl=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&ul=en-us&de=UTF-8&dt=Disney%2B%20Impersonated%20in%20Personalized%20Multi-Stage%20Email%E2%80%A6%20%7C%20Abnormal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1043&pdt=61&dns=0&rrt=0&srt=109&tcp=86&dit=280&clt=548&_gst=1384&_gbt=1451&_u=YEAAAAABAAAAAAAAIk~&cid=1275463924.1701828750&tid=UA-135379382-1&_gid=750748346.1701828750&gtm=45He3bt0n815DSW3JCv830630196&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&z=300041140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 19:52:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22829
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css
s.swiftypecdn.com/assets/ 89 KB
34 KB 39ms
39ms Stylesheet
text/css 151.101.192.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/assets/new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Cache-Hits: 4253
Date: Wed, 06 Dec 2023 02:12:30 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 606452
X-Cache: HIT
Connection: keep-alive
Content-Length: 33983
X-Served-By: cache-fra-eddf8230043-FRA
X-Timer: S1701828750.006893,VS0,VE0
ETag: "62b9d075-84bf"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Expires: Thu, 28 Nov 2024 01:44:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 133ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F60FHP0104&gtm=45je3bt0v892533739z8830630196&_p=1701828749554&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&cid=1275463924.1701828750&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1701828750&sct=1&seg=0&dl=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&dt=Disney%2B%20Impersonated%20in%20Personalized%20Multi-Stage%20Email%E2%80%A6%20%7C%20Abnormal&en=page_view&_fv=1&_ss=1&tfd=1512
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F60FHP0104&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abnormalsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
n2.mouseflow.com/ 0
244 B 624ms
124ms XHR
text/plain 2607:f5b7:1:52::11
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/init?v=17.97&p=55451921-8278-4244-87a2-1e0b878bdae0&s=0ae4ed2d28a852c6d6040c98983f5c08&page=12063070dd847f24a5cb89918f89fb18354a4f80&ret=0&u=b4ef632400f410db9e4da2c08440d25c&href=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&url=%2Fblog%2Fdisney-plus-attack-personalized-attachments&ref=&title=Disney%2B%20Impersonated%20in%20Personalized%20Multi-Stage%20Email%E2%80%A6%20%7C%20Abnormal&res=1600x1200&tz=-60&to=0&dnt=0&ori=&dw=1600&dh=1200&time=1347&pxr=1&gdpr=1

Requested by

Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2607:f5b7:1:52::11 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: Mouseflow
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK cc.js
cc.swiftype.com/ 43 B
279 B 670ms
158ms Image
image/gif 169.63.31.200
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.swiftype.com/cc.js?engine_key=Jf5CnSM-5QHr_uqSbubJ&url=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.63.31.200 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: c8.1f.3fa9.ip4.static.sl-reverse.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 06 Dec 2023 02:12:30 GMT
Cache-Control: no-cache
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Content-Length: 43
Expires: Wed, 06 Dec 2023 02:12:29 GMT

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 570ms
504ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: Pf7GVgazPHcES9g=
cf-cache-status: DYNAMIC
cf-ray: 83110118eeb74522-TXL
date: Wed, 06 Dec 2023 02:12:30 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 8a8ce1b655547c1da36b64e17700f010.cloudfront.net (CloudFront)
x-amz-cf-id: ibLjLqUlMDl-jZa7gx-N5f7tA_wfpCdoZNs5kwUGvIBqtOpguBBoKQ==
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 195 B
417 B 503ms
503ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 497f6cf77379371537ee2f970cafda2f57be59d9efeab8f5bdf0a5e99ed7743d

Request headers

Content-Type: application/json
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
Authorization: Bearer da2adf007b1682358524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
visited_url: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments

Response headers

date: Wed, 06 Dec 2023 02:12:31 GMT
via: 1.1 8a8ce1b655547c1da36b64e17700f010.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: TXL52-C1
x-powered-by: Express
etag: W/"c3-bJL90tTKUYMXSd/bbUYnq44jMfA"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 8311011c091f4522-TXL
x-amz-cf-id: OHpfWSG9XEGIWstlY6RTsXfJ2nKpPQ-FCJQj5JU1zZBapmN6tDFK7A==
apigw-requestid: Pf7GaiSpPHcESJg=

OPTIONS
H2 204 get_pklist
api-n.outgrow.co/api/v1/analytic/ Frame 0
0 59ms
59ms Preflight 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/analytic/get_pklist

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Wed, 06 Dec 2023 02:12:30 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 get_pklist Show response
api-n.outgrow.co/api/v1/analytic/ Frame A36D 6 KB
3 KB 60ms
60ms XHR
application/json 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/analytic/get_pklist

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

8a554ae14c832270af5c3d24e1ecd3d4c77eacd89f58db58dd486da5e202a588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-cache: Hit from cache
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"191a-XYkLK04alOnGlqNYiC6YSaL2rcI"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H2 200 abnormalsecurity Show response
api-n.outgrow.co/api/v1/companies/sub_domain/ Frame A36D 524 B
915 B 68ms
68ms XHR
application/json 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/companies/sub_domain/abnormalsecurity

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

aef6dd2d741c46994d6729418cc596349c6c7124b27be3b825371666a62bf6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"20c-8vRuU2zWSK2JXKUTjcp4i8bealg"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H2 200 6365434fe10da466c0ef383b Show response
api-n.outgrow.co/api/v1/company/getCompanyCreatedAt/ Frame A36D 255 B
801 B 63ms
62ms XHR
application/json 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/company/getCompanyCreatedAt/6365434fe10da466c0ef383b

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

b158c11c47b6f4553da86ab66bde2ae149679325076aeda0fb46a723c12caf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"ff-yFp4cQsVvFx6zfouKLiq75sA9Uo"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H3 200 selectize.min.js Show response
cdn.outgrow.us/assets/js/ Frame A36D 59 KB
15 KB 40ms
39ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/js/selectize.min.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/main-es2015.94837350ae1c70fb2fcc.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aadeb6afa8eca318fda70cc6cc6be87b3a7e6657ea64051a0d899115708fe855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:30 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14545
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230136-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828750.229795,VS0,VE0
etag: "168e4c1a6eb5f7b48c5496a63637ec60c998aeed56e5b2c023fb03d9ceef29a9-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 math.min.js Show response
dyv6f9ner1ir9.cloudfront.net/assets/js/ Frame A36D 697 KB
181 KB 47ms
47ms Script
text/javascript 2600:9000:214f:1000:3:eee:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dyv6f9ner1ir9.cloudfront.net/assets/js/math.min.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/main-es2015.94837350ae1c70fb2fcc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:1000:3:eee:d40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0a4d88f548b76c4bc0472708cf2500b202a1c618b6e18b6ae97370af87422994

Security Headers

Name	Value
Content-Security-Policy	form-action 'self'; block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 02:33:25 GMT
content-encoding: br
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
content-security-policy: form-action 'self'; block-all-mixed-content
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA53-C1
age: 85225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
referrer-policy: same-origin
last-modified: Tue, 21 Nov 2023 10:56:40 GMT
server: AmazonS3
etag: W/"ae225b93ff637c3bc615bc62fde2c1d6"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31622400
permissions-policy: interest-cohort=()
x-amz-cf-id: PuX_akZzQihGg3XsIqyHYT6pA0elPY8i8VovLVLAKaUcfCHcDMDvNQ==

GET
H3 200 iFrameResizer.js Show response
cdn.outgrow.us/assets/js/ Frame A36D 14 KB
5 KB 41ms
41ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/js/iFrameResizer.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/main-es2015.94837350ae1c70fb2fcc.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37e06e1f9f0b894fb7ca088663d48a397ec743acc9acbf605945a120d408294f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:30 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4588
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230136-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828750.230006,VS0,VE0
etag: "4d9cba3dd945032c63b2aa240aa7106b920f6cdaa394739d95959fa6d950f443-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 4

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame A36D 3 B
23 B 46ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1357173241&t=pageview&_s=1&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&_u=KEBAAEABEAAAACAAsD~&jid=1726757484&gjid=1920867208&cid=603977598.1701828750&tid=UA-82253758-1&_gid=236521548.1701828750&_r=1&_slc=1&z=734629197

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abnormalsecurity.outgrow.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A36D 276 KB
91 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-99F3Z2K9LL&l=ga4dataLayer&debug_mode=true

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/main-es2015.94837350ae1c70fb2fcc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a6af2c27bdf57aa4d89cca2249a02a2175b037f51ac72672db9bf0fc6de7927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 02:12:30 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame A36D 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1357173241&t=pageview&_s=2&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&dp=%2F64e37afea593954b6e60f08f&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&_u=KEBAAEABEAAAACAAsD~&jid=&gjid=&cid=603977598.1701828750&tid=UA-82253758-1&_gid=236521548.1701828750&z=2067543661

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 22:31:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13235
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame A36D 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1357173241&t=pageview&_s=3&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&dp=%2F6365434fe10da466c0ef383b&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&_u=KEBAAEABEAAAACAAsD~&jid=&gjid=&cid=603977598.1701828750&tid=UA-82253758-1&_gid=236521548.1701828750&z=1073147580

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 22:31:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13235
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame A36D 35 B
55 B 41ms
41ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1357173241&t=event&_s=4&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&ec=Calculator%20Opened&ea=abnormalsecurity&el=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&_u=KEBAAEABEAAAACAAsD~&jid=&gjid=&cid=603977598.1701828750&tid=UA-82253758-1&_gid=236521548.1701828750&z=1921182161

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 22:31:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13235
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 6365434fe10da466c0ef383b
api-n.outgrow.co/api/v1/subscriptionStatus/ Frame 0
0 63ms
61ms Preflight 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/subscriptionStatus/6365434fe10da466c0ef383b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Wed, 06 Dec 2023 02:12:30 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

OPTIONS
H2 204 visitor_key
api-live.outgrow.co/api/v1/analytic/ Frame 0
0 67ms
58ms Preflight 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-live.outgrow.co/api/v1/analytic/visitor_key

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Wed, 06 Dec 2023 02:12:30 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

OPTIONS
H2 204 en
api-n.outgrow.co/api/v1/locale/get_locale/ Frame 0
0 64ms
63ms Preflight 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/locale/get_locale/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Wed, 06 Dec 2023 02:12:30 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

OPTIONS
H2 204 get_file_hash
api-live.outgrow.co/api/v1/builder/ Frame 0
0 69ms
60ms Preflight 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-live.outgrow.co/api/v1/builder/get_file_hash

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Wed, 06 Dec 2023 02:12:30 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 6365434fe10da466c0ef383b Show response
api-n.outgrow.co/api/v1/subscriptionStatus/ Frame A36D 212 B
773 B 65ms
64ms XHR
application/json 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/subscriptionStatus/6365434fe10da466c0ef383b

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

28c69f951bce5bebd363d036f71a938570df534a1cd7a3ad7c3a29c6829c8c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"d4-6j67+J3xfzN9ZtiCRrgVkW3SJ3E"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H3 200 258-es2015.b1f4e24efb297aab1179.js Show response
cdn.outgrow.us/ Frame A36D 38 KB
9 KB 40ms
39ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/258-es2015.b1f4e24efb297aab1179.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.8c3318c93d869574f424.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

49517832730175e88ef1745d25a86aba87092cd3b0ec8056a3585296fc06d76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:30 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8498
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230136-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828750.282982,VS0,VE0
etag: "6ae8b418b4d959838cc9fb07bb1247a5cfd8fa81daf8a706b1159a129b567219-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 4

GET
H3 200 299-es2015.5a3065d5cab3137dbe3d.js Show response
cdn.outgrow.us/ Frame A36D 650 KB
135 KB 42ms
41ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/299-es2015.5a3065d5cab3137dbe3d.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.8c3318c93d869574f424.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

770fbd6f60607d70164e5717ca22bbad03ab83221a959fabd141028d48e52ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:30 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 137921
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230136-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828750.283118,VS0,VE1
etag: "14a75d527c635e33ec91d3b1e00411a1a23d33dcfb60fd906f918683524540ae-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 124-es2015.c9857a546bad5429527d.js Show response
cdn.outgrow.us/ Frame A36D 950 KB
161 KB 83ms
82ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/124-es2015.c9857a546bad5429527d.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.8c3318c93d869574f424.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2809f39d92b538426157a4b1db651cad537a9a5929f56558fe94abfc839909b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:30 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 164921
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230136-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828750.283575,VS0,VE1
etag: "45611022a968a700b95ae22fa80aa90fb032b2f00c7471bcc5996841a5f10ce4-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 common-es2015.22a0c3e12bc4f6e2d2ab.js Show response
cdn.outgrow.us/ Frame A36D 13 KB
4 KB 41ms
40ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/common-es2015.22a0c3e12bc4f6e2d2ab.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.8c3318c93d869574f424.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9aa3fb65ca76e62bd12a44296e4be03f5d863c8c79f47dba4abc38034556c866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:30 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3240
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230136-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828750.283777,VS0,VE0
etag: "b50fd5efb3ea5a6b0194d739fd28113e431b4b38c7bca8139a64155f41463a61-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 4

GET
H3 200 57-es2015.c08decf5ce36e3f5fb9f.js Show response
cdn.outgrow.us/ Frame A36D 2 MB
252 KB 130ms
129ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/57-es2015.c08decf5ce36e3f5fb9f.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.8c3318c93d869574f424.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f9cdc7747db4df8e72c272cc7dd75eb1ebedda9a479998a03349e366f2e7ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:30 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 257878
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230136-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828750.283998,VS0,VE1
etag: "6810f0f556da197955bc99f0a31ec7789ce10d6c818833282ae6a44c4f75307f-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 visitor_key Show response
api-live.outgrow.co/api/v1/analytic/ Frame A36D 271 B
809 B 126ms
126ms XHR
application/json 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-live.outgrow.co/api/v1/analytic/visitor_key

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

a06c3ec7053c854621c150e20196fe231d009565b60b4ee2c389c69ba45ffdb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"10f-EPRhl5kbQij8ro21R/cRjedSg2g"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H2 200 en Show response
api-n.outgrow.co/api/v1/locale/get_locale/ Frame A36D 3 KB
2 KB 85ms
85ms XHR
application/json 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/locale/get_locale/en

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

27c58cb7c92a72c8674e44d90ade122cadfdee8b987da22a4a645d9127e6fc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-cache: Hit from HCache
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"a63-s0w9M/8YsBxzxVGAmf3sNnwN6YU"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H2 200 get_file_hash Show response
api-live.outgrow.co/api/v1/builder/ Frame A36D 203 B
775 B 63ms
62ms XHR
application/json 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-live.outgrow.co/api/v1/builder/get_file_hash

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

9657cb254a1f0e284c34f3cb658919999112124e906a231ebc3ee8458114579b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"cb-aHfKEfOZ83omSFQED2FVDG8j/QE"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

POST
H2 204 collect
region1.google-analytics.com/g/ Frame A36D 0
71 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-99F3Z2K9LL&gtm=45je3bt0v9136151217&_p=1701828749372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=603977598.1701828750&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701828750&sct=1&seg=0&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&dt=Outgrow&en=page_view&_fv=1&_ss=1&_ee=1&ep.debug_mode=true&tfd=1622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-99F3Z2K9LL&l=ga4dataLayer&debug_mode=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abnormalsecurity.outgrow.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame A36D 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-99F3Z2K9LL&gtm=45je3bt0v9136151217&_p=1701828749372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=603977598.1701828750&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1701828750&sct=1&seg=0&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&dt=Outgrow&_s=2&tfd=1629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-99F3Z2K9LL&l=ga4dataLayer&debug_mode=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abnormalsecurity.outgrow.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 fetch_app_conditionsV2
api-n.outgrow.co/api/v1/app_conditions/ Frame 0
0 60ms
60ms Preflight 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/app_conditions/fetch_app_conditionsV2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Wed, 06 Dec 2023 02:12:30 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 line-awesome.min.css
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/ Frame A36D 88 KB
16 KB 146ms
39ms Stylesheet
text/css 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/57-es2015.c08decf5ce36e3f5fb9f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-age-lb: 748887
x-77-cache: HIT
x-accel-date: 1701079863
x-77-nzt: EgwB1GY4tAH3V20LAAwB1GY4EQH3BwAAAA
x-accel-expires: @2016439856
x-77-age: 748894
x-cache-lb: HIT
last-modified: Mon, 27 Nov 2023 06:48:28 GMT
server: CDN77-Turbo
etag: W/"15e81-wb0UGHttyzbvrSHlFxH4lBgB3g8"
x-77-nzt-ray: 6d204d1165de14ab8ed86f65dceb5e25
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
access-control-allow-credentials: true
cache-control: max-age=315360000, public
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Roboto_Regular.css
cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/ Frame A36D 1 KB
549 B 40ms
40ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/Roboto_Regular.css

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/assets/js/jquery.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

882655fb98b618018e3c8c4848a3620879371cdede22a4da2fefa87cce3ee70c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:30 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 199
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230136-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828751.525414,VS0,VE1
etag: "c08860f5c733b559559793649ed4def1abfde4e86fa24fe5b93db4d204363bfb-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 inter.css
cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/ Frame A36D 7 KB
919 B 41ms
41ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/inter.css

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/assets/js/jquery.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

24c9c565136897fe5d74cc0d1157745b241b76146688aae44021a641a5893ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 02:12:30 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 569
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230136-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828751.525547,VS0,VE1
etag: "4fb63eb461af67f24489c5b5389139832e9bbecd99c48d49a3b7e43b93f3de26-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 fetch_app_conditionsV2 Show response
api-n.outgrow.co/api/v1/app_conditions/ Frame A36D 7 KB
1 KB 62ms
62ms XHR
application/json 99.80.207.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/app_conditions/fetch_app_conditionsV2

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.207.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-207-12.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

ef1ba159e2b186c2f2481ce6ebb8c68752c9ada403d6a53973e6ed93df1ebd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"1c2a-fhcGPKDpVOY7zOxS3ns3kknF+Io"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H3 200 collect
www.google-analytics.com/ Frame A36D 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1357173241&t=pageview&_s=5&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&dp=%2F656fd88eeca41c13aab28263&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&_u=KEBAAEABEAAAACAAsD~&jid=&gjid=&cid=603977598.1701828750&tid=UA-82253758-1&_gid=236521548.1701828750&z=1329718346

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 22:31:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13235
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/LKxXxg7SWf5zxXA3vzqV/ Frame 0
0 255ms
173ms Preflight
text/html 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/LKxXxg7SWf5zxXA3vzqV/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://abnormalsecurity.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8311011fc9f6372d-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 02:12:31 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

GET
H3 200 / Show response
ws.zoominfo.com/pixel/LKxXxg7SWf5zxXA3vzqV/ 3 KB
2 KB 453ms
408ms Fetch
text/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/LKxXxg7SWf5zxXA3vzqV/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c50b4bb5d317f6719143e6ac53612a12642e5745f0c5b76e9a882fa3249e7780

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

visited-url: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
_vtok: ODAuMjU1LjcuMTA0
_zitok: 3b4b20426be81df511d61701828751
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/javascript

Response headers

date: Wed, 06 Dec 2023 02:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
cf-ray: 831101212df1bbda-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK c11c0fec-5a87-4372-8423-3290e608d6d4
https://abnormalsecurity.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://abnormalsecurity.com/c11c0fec-5a87-4372-8423-3290e608d6d4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 86 KB
27 KB 160ms
70ms Script
application/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe92edba1f5990d76e1817f250ee4aae144f4efa95b676733bdd4391f2b74cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 1269
x-guploader-uploadid: ABPtcPpcLwXL2SbCblgD2YnE7Wwe_AhHmg65KlNAh0yce1YXf8ljmT6Jzmwh7I_vE5ck3tqCcmePKVNuqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 11:05:05 GMT
server: cloudflare
etag: W/"bbabfd4493e8cf8aafea99a2f70825c0"
x-goog-hash: crc32c=4scEgA==, md5=u6v9RJPoz4qv6pmi9wglwA==
x-goog-generation: 1698923105172059
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 87554
cf-ray: 8311011fe96265a3-FRA
expires: Wed, 06 Dec 2023 02:51:22 GMT

OPTIONS
H2 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 483ms
483ms Preflight
text/html 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://abnormalsecurity.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831101206a4c372d-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 02:12:31 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 1 KB
787 B 184ms
184ms Fetch
application/json 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d9dc67683837b3103890d9c2f410412d8f8567b22439df0f15c038f24adfc3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
Authorization: bearer 7465943a1815a63c9c1be7e5616519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 02:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
etag: W/"54e-bCIFH5aPU9Fm2J3RjnQ8ySauqbY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
cf-ray: 831101237f48bbda-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
alt-svc: h3=":443"; ma=86400

GET
H2 200 la-solid-900.woff2
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/ Frame A36D 94 KB
95 KB 157ms
77ms Font
font/woff2 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2

Requested by

Host: maxst.icons8.com
URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 06 Dec 2023 02:12:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-age-lb: 748885
x-77-cache: HIT
x-accel-date: 1701079866
content-length: 96752
x-77-nzt: EgwB1GY4tAH3VW0LAAwB1GY4EQH3CAAAAA
x-accel-expires: @2016439858
x-77-age: 748893
x-cache-lb: HIT
last-modified: Mon, 27 Nov 2023 06:48:28 GMT
server: CDN77-Turbo
etag: "179f0-idlTHAxwqHUd/4PBkXuqsfFqIHE"
x-77-nzt-ray: 6d204d1124bd72b58fd86f65254d3627
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Inter-latin.woff2
cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/fonts/Inter/ Frame A36D 37 KB
37 KB 43ms
42ms Font
font/woff2 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/fonts/Inter/Inter-latin.woff2

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/inter.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/inter.css
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
date: Wed, 06 Dec 2023 02:12:31 GMT
x-content-type-options: nosniff
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37924
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230023-FRA
x-ua-compatible: ie=edge
last-modified: Tue, 21 Nov 2023 10:16:52 GMT
x-timer: S1701828752.580028,VS0,VE1
etag: "0c90522504ed89982038242c7710e08d9a35f8c8bdb71dfea3f8840b9e7c6a4f"
vary: x-fh-requested-host, accept-encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

POST
H3 200 html Show response
n2.mouseflow.com/ 0
238 B 598ms
206ms XHR
text/plain 2607:f5b7:1:52::11
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/html?website=55451921-8278-4244-87a2-1e0b878bdae0&session=0ae4ed2d28a852c6d6040c98983f5c08&page=12063070dd847f24a5cb89918f89fb18354a4f80&gz=1

Requested by

Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2607:f5b7:1:52::11 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 06 Dec 2023 02:12:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: Mouseflow
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 200
OK 99745885-185d-436d-a00e-049373ed505f
https://abnormalsecurity.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://abnormalsecurity.com/99745885-185d-436d-a00e-049373ed505f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H3 200 dom Show response
n2.mouseflow.com/ 0
256 B 124ms
123ms XHR
text/plain 2607:f5b7:1:52::11
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/dom?gz=1

Requested by

Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2607:f5b7:1:52::11 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abnormalsecurity.com/blog/disney-plus-attack-personalized-attachments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 06 Dec 2023 02:12:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: Mouseflow
x-recorder: rec-21-us
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 collect
region1.google-analytics.com/g/ Frame A36D 0
17 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-99F3Z2K9LL&gtm=45je3bt0v9136151217&_p=1701828749372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=603977598.1701828750&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1701828750&sct=1&seg=0&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fdisney-plus-attack-personalized-attachments&dt=Outgrow&en=scroll&ep.debug_mode=true&epn.percent_scrolled=90&tfd=6629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-99F3Z2K9LL&l=ga4dataLayer&debug_mode=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abnormalsecurity.outgrow.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
abnormalsecurity.com/blog	1970-01-20 16:45:18	Name: urlParams Value: %7B%22slug%22%3A%22disney-plus-attack-personalized-attachments%22%7D
.outgrow.us/	1969-12-31 23:59:59	Name: _OG_GDPR_COOKIE_ Value: false
abnormalsecurity.com/	1969-12-31 23:59:59	Name: plasmic_seed Value: 5
.abnormalsecurity.com/	1970-01-20 18:53:24	Name: mf_user Value: b4ef632400f410db9e4da2c08440d25c\|
.abnormalsecurity.com/	1969-12-31 23:59:59	Name: mf_55451921-8278-4244-87a2-1e0b878bdae0 Value: 0ae4ed2d28a852c6d6040c98983f5c08\|12063070dd847f24a5cb89918f89fb18354a4f80.-3460703232.1701828750073\|1701828750070\|\|0\|\|\|\|0\|17.97\|33.887
.outgrow.us/	1970-01-21 02:19:48	Name: gaCookie1 Value: GA1.2.603977598.1701828750
.outgrow.us/	1970-01-20 16:45:15	Name: gaCookie1_gid Value: GA1.2.236521548.1701828750
.outgrow.us/	1970-01-20 16:43:48	Name: _gat_devteam Value: 1
.outgrow.us/	1970-01-21 02:19:48	Name: _ga Value: GA1.1.603977598.1701828750
.outgrow.us/	1970-01-21 02:19:48	Name: _ga_99F3Z2K9LL Value: GS1.1.1701828750.1.0.1701828750.0.0.0
.abnormalsecurity.com/	1970-01-21 01:29:24	Name: _zitok Value: 3b4b20426be81df511d61701828751
.zoominfo.com/	1970-01-20 16:43:50	Name: __cf_bm Value: slveb.2p1HzMbpMp2njoK0G8lMdmtYoCjMLFFR6KNIU-1701828751-0-AUS4sHFcs7moQKN9gHqhsRTHIKoOcEwF4zrY4snKzHVemlj1ccOLXs/VSe6zsTtR7dxxCEwTWNfAuYFonrta8es=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: jfybj9JN3VBcKoGTI_fLgu1vt2_uv82e1_E1o0X5WPw-1701828751374-0-604800000

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'conversion-measurement'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'trust-token-redemption'.
other	warning	URL: https://cdn.outgrow.us/main-es2015.94837350ae1c70fb2fcc.js Message: <link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com cms.abnormalsecurity.com staging-cms.abnormalmarketing.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abnormalsecurity.com
abnormalsecurity.outgrow.us
analytics.plasmic.app
api-live.outgrow.co
api-n.outgrow.co
cc.swiftype.com
cdn.jsdelivr.net
cdn.mouseflow.com
cdn.outgrow.us
cdnjs.cloudflare.com
cmp.osano.com
cms.abnormalsecurity.com
dlvkyia8i4zmz.cloudfront.net
dyv6f9ner1ir9.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.zi-scripts.com
maxst.icons8.com
n2.mouseflow.com
optimise2.assets-servd.host
pagead2.googlesyndication.com
region1.google-analytics.com
s.swiftypecdn.com
site-assets.plasmic.app
static.filestackapi.com
vitals.vercel-insights.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.google-analytics.com
www.googletagmanager.com
151.101.192.143
151.101.2.133
151.101.65.195
167.172.14.134
169.63.31.200
172.64.150.44
2001:4860:4802:32::36
2600:9000:2127:8200:d:1a25:7e40:93a1
2600:9000:2127:8a00:3:b7e:8940:93a1
2600:9000:214f:1000:3:eee:d40:21
2600:9000:223c:5400:1:57c7:dac0:21
2606:4700:20::681a:9b5
2606:4700::6810:5514
2606:4700::6810:880f
2606:4700::6811:180e
2606:4700::6812:1a32
2607:f5b7:1:52::11
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200e
2a02:6ea0:c700::22
3.213.99.203
44.238.156.227
54.194.25.213
76.76.21.21
99.80.207.12
01535b7e497d6d64f46ab380e02e664b0eda364319ae6692de0086ab8bfc433f
0a4d88f548b76c4bc0472708cf2500b202a1c618b6e18b6ae97370af87422994
0b0d5e258caa63b6b4d94b077e65c92540ad7c314a26df07808b21db086e160e
0c028ce92935c3315fba24628513d2f7c0fb4c63daa77365e26c92b1d98511b0
0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
155de0c1ae374d28c60207ec2a7bf7b81a921ab1acfcf41ea82efe9b19494edc
157d48a8d90c0d76a7c4b55a11d8058770d75c47485e8a85d8932520d82fc9d2
15ebddd8f42a017abf38230bbefe743a7a4daeeeec69785baf43ce930d3de6ff
17986206616733c5e8427126a762d3753a07b7476dbdaa6f962b8f9c5da7b15c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d4911b8708ddf21478e87516ad41a692c616125f81700ff7eaf0d055506c8a4
1de51e11cd28b2312db92f436602c23d6db8891a22d8cf87395b51c124799c65
2095fd0d234295ebaa974d78aa3b89cf7832d22f539626a2d788b28411aa32ed
20d796eaa672b0783407a6454f67dca20dff2c468c694388e34fe6236f54b3ce
24c9c565136897fe5d74cc0d1157745b241b76146688aae44021a641a5893ea0
2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241
27c58cb7c92a72c8674e44d90ade122cadfdee8b987da22a4a645d9127e6fc86
2809f39d92b538426157a4b1db651cad537a9a5929f56558fe94abfc839909b6
28c69f951bce5bebd363d036f71a938570df534a1cd7a3ad7c3a29c6829c8c5c
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2a6af2c27bdf57aa4d89cca2249a02a2175b037f51ac72672db9bf0fc6de7927
2d1ab875cc75d5df5a5e9568956f339bcd10ad6e97dd96082f86c34c2fffc43e
2d7c7930eb39d59cd8c2dc00652977da3ed72347e7cd465f7b540e10e2121c22
2e6a2c1bc8bede40932a487f4c4057ba8871fd4ff7358040f06313d63b210e61
31814f314b7540fefc40d2bba5c0c5ae16ee0e5128dfe6a4bee4da5c7d69e570
333d71153215f5f9299fa750c8b4b1e774e62f69ba13ee47e14d6385afcc69ec
342cf83f17c8eb1ab0204c695e7db37665a9c055956eabf58923f26cb36bff2b
37e06e1f9f0b894fb7ca088663d48a397ec743acc9acbf605945a120d408294f
3a8065364d42327bd2aafa0c605c23593534f7a3e51ad77ea8a3ba142e7d219a
3e8c8ce8d9b11dbfe75e3e449d459dd6a14a53fc787de6dd54496c0ef11bd5a2
4158bb0b755e96a75cb4edf45e0edcec42f341386982f2d05f75b3e02ff39e86
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
49486fb624bd05fb1ef21c3ba7c375bfc893034458b8330c5472b381ce21cea9
49517832730175e88ef1745d25a86aba87092cd3b0ec8056a3585296fc06d76e
497f6cf77379371537ee2f970cafda2f57be59d9efeab8f5bdf0a5e99ed7743d
4a6588416e2d67985b8e7595c5ae89d32b3176197566f8e256a1bc8d75e26b32
4d392de8e184fb7a20e74b3d9100c85ad80c44948185894b9f52e88924724225
51f8cce2415bd1c0b63d5767f6ec47ab050636b19788e53307ad37634507185e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58777e2b967af5cdf00a0715ef80c1e984c2e3bb56785f060b66f39f727c643c
5bae2fc4328f041d72d67e57f4d3fbcbef4db302d13eda7b897a405c7c1f9d2c
5dd02f5cc67c28e8dc57dc2a3393f9fb006958ce255160d65243bf380380d9f1
62c6cb71f33e94e6ead3bc223297ef4d65e204900f2b56e81f4916b6c9911486
69ad5049ec0eb71fbb42d330fdb54bbb52d9e828b0b18a346b6ad4a0fb7997ef
6bbbee5d3aeae0ace0ce86fd562c6eafc34ab6645f921ab2cf176ef2ae48ab1c
6dea60f79962ab2bff00343db7d9ab8dd9d8c442c94328ffe1e395a9fa81ef1e
6fd7603b0a800befb6fed859d89424472042b5284987e0deb43edf0ed1c2301b
770fbd6f60607d70164e5717ca22bbad03ab83221a959fabd141028d48e52ff4
79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379
7a3e1a9e456122f3da105a75c141cf5d6920a40c746b24df195795aaa2da6791
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
815755b9ab99608198875734c24bfe4c2e26cbcd6811caae13ad8a8500c19fd1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85dd44a634e06acb6c41df4edc538e5157d337e29d4a55060ad6c195b4f593b9
86027890704f9d2d32b7ceb1f4e25cfe75e7f7d96e6b2a061c9989c9e42f51e4
87527af55b597d9255b785b55406fd62a7395698c1bc9c3c7c9f36e2f53a3abe
882655fb98b618018e3c8c4848a3620879371cdede22a4da2fefa87cce3ee70c
8a554ae14c832270af5c3d24e1ecd3d4c77eacd89f58db58dd486da5e202a588
8c13eda964acfa7ccb50d6bdd5e8f739311aca336c98bbe88d657593a99095e6
8c67697fa04c7729b54f7d6eb5118f10ded6e00004252d6d7f50c272cb79087f
8e12b9fe62d0f82f3731ab55c398ae09def0d738416247e3e16dd19b6d1594f8
935a1bc15e39837f2e82738f1db46627b4795e62aa80c827ae3dd70a2161a971
94de5c66331cd244e69ce3df84813f93c2213d748c7eefdbb20ac6e461faac0e
9657cb254a1f0e284c34f3cb658919999112124e906a231ebc3ee8458114579b
96e1863c4adb1b1458836f4c2345f2f1db8b9a0b1ecefbd7098248e9fecb890b
9aa3fb65ca76e62bd12a44296e4be03f5d863c8c79f47dba4abc38034556c866
9e2e31bd8af29880c37843f71680a559f9de7b5941affc1f4393deb48053c660
9e44ffac0553772ec3307c835eade6ee5e0958f0da974ed464312eeafd37a4fe
9f9cdc7747db4df8e72c272cc7dd75eb1ebedda9a479998a03349e366f2e7ae6
a001a9e41dc38527f0a531d2ba65e11fad8492e0aa3ccabe65a909ecb74420af
a06c3ec7053c854621c150e20196fe231d009565b60b4ee2c389c69ba45ffdb2
a34223bc27e04af9df72c91f4cdc05c152274a1ffd13ff4ac1a61d3dc72ec170
a9607fdce53340e77e542e38371a63639dd7cf8e7f63a99a2b7b7d76357776a7
aadeb6afa8eca318fda70cc6cc6be87b3a7e6657ea64051a0d899115708fe855
aba428766ca04308b63d28f673b0876fc42201e9b8874b98ec51a5b409fb1703
ac4e49ff0d6f85af4ad5d6694a17031c7f32c9209c771c5c8ddb8f020888e3b9
ad567b1d6b357690a4aad1a0a76618c552cc0f90befc02200b5e0872c889d5a0
aef6dd2d741c46994d6729418cc596349c6c7124b27be3b825371666a62bf6e4
af1b80295a161720ac6c72c515e786af19893600052688e65d302aca8c182c09
b0132cf0dae0361cd4feca1b230ee0655f885036718e51f479fa5d128a4e4107
b158c11c47b6f4553da86ab66bde2ae149679325076aeda0fb46a723c12caf7b
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b433634836f7e92dedc2fa24d703bd9d77a6e97b15546d40c0052e79e99c8f95
bce9313c9fba0f077c5b70a3cf5df5eb51580292809ad50acb54f0a40b94b78f
c0ff3254037219a70f66a3c2ea1acc1dc4296dee59fe36d0d94905823fafcc07
c50b4bb5d317f6719143e6ac53612a12642e5745f0c5b76e9a882fa3249e7780
c642fb6f2230d36e74e53ca1e6e432da853f8ac7e9a1cb04f94dd6c31b50a4d3
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d91033f65778252fc30b9aa96ff688f60a08c40cd89e947d795762b8da785d20
d9dc67683837b3103890d9c2f410412d8f8567b22439df0f15c038f24adfc3a5
da43716540586a07d1aed9c08dac27b2c523c5bcffa64aa93266f35017945dce
dac9e796332511e2efa1a6394bce92cbe494cf43e5f7cfdde89326f04c914a31
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3a8b32b8d2ff683f19a3f3a5f0aa6b7351a811a2830ebc43d59fcf3095c4e53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6dda910a194774dd2cdde20e20b0519c9116e6712bdf02c05838fe5bc92d128
e847afdbb56241b07a24ffe26b17156d6f382d13d0c2bc2c41cc29f0362e7e95
e927d7fbd371b71537496dd2bc52f767f2e0f5c23e873075b367b8a5e7a26215
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1ba159e2b186c2f2481ce6ebb8c68752c9ada403d6a53973e6ed93df1ebd91
f1be6617ba107f1e96bcd79ac78ab26e281b1f1b2bda9a46f4d39e241b8ed829
f1bf8dac3f25110d991fa77fc2668d67f0f88e89771a539ee50db3b4b4d563d4
f677aee0f89928c0e141a63fb9fd7bddf14c809d91852e51a9d877f09bbcc2b5
fc6a2c575905dc725a5a35bbc86cd3cd1a84f9c1fe63ed6207340fae95642585
fcd5fc46e77728b0e5da04b51d40abd649eabcf637eb29ef884f668a52164d57
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
fe92edba1f5990d76e1817f250ee4aae144f4efa95b676733bdd4391f2b74cf1

abnormalsecurity.com Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

98 %HTTPS

61 %IPv6

22 Domains

30 Subdomains

29 IPs

3 Countries

4097 kBTransfer

15666 kBSize

13 Cookies

7 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

abnormalsecurity.com Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

98 %
HTTPS

61 %
IPv6

22
Domains

30
Subdomains

29
IPs

3
Countries

4097 kB
Transfer

15666 kB
Size

13
Cookies

152 HTTP transactions
3 data transactions