yoroi.company Open in urlscan Pro
2606:4700:3035::681f:45d6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Submission Tags: falconsandbox
Submission: On November 13 via api (November 13th 2020, 11:31:31 am UTC) from US

Summary HTTP 64 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3035::681f:45d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is yoroi.company.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 15th 2020. Valid for: a year.

This is the only time yoroi.company was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2606:4700:303... 2606:4700:3035::681f:45d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
64	12

38 2606:4700:3035::681f:45d6 (United States)

ASN13335 (CLOUDFLARENET, US)

yoroi.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	yoroi.company yoroi.company	284 KB
14	googleusercontent.com lh3.googleusercontent.com lh5.googleusercontent.com lh6.googleusercontent.com lh4.googleusercontent.com	1 MB
3	google.com www.google.com	676 B
2	gstatic.com fonts.gstatic.com www.gstatic.com	175 KB
2	jsdelivr.net cdn.jsdelivr.net	9 KB
2	wp.com s0.wp.com pixel.wp.com	2 KB
1	google-analytics.com www.google-analytics.com	18 KB
1	googleapis.com fonts.googleapis.com	657 B
64	8

	Domain	Requested by
38	yoroi.company	yoroi.company
6	lh5.googleusercontent.com	yoroi.company
4	lh3.googleusercontent.com	yoroi.company
3	www.google.com	yoroi.company www.gstatic.com
3	lh6.googleusercontent.com	yoroi.company
2	cdn.jsdelivr.net	yoroi.company
1	pixel.wp.com
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google-analytics.com	yoroi.company www.google-analytics.com
1	s0.wp.com	yoroi.company
1	lh4.googleusercontent.com	yoroi.company
1	fonts.googleapis.com	yoroi.company
64	13

This site contains links to these domains. Also see Links.

Domain
unit42.paloaltonetworks.com
maps.google.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Frame ID: A80589DF615748844D0A0C6127200F3E
Requests: 62 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&co=aHR0cHM6Ly95b3JvaS5jb21wYW55OjQ0Mw..&hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&size=invisible&cb=wb00ade6y9oc
Frame ID: C27852FB366191A33C66CB01A63032F1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&co=aHR0cHM6Ly95b3JvaS5jb21wYW55OjQ0Mw..&hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&size=invisible&cb=wb00ade6y9oc
Frame ID: C0D10171149E1C932BE8740EE4471DB4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

64
Requests

98 %
HTTPS

82 %
IPv6

8
Domains

13
Subdomains

12
IPs

3
Countries

1851 kB
Transfer

3032 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://unit42.paloaltonetworks.com/aggah-campaign-bit-ly-blogspot-and-pastebin-used-for-c2-in-large-scale-campaign/
Title: PaloAlto’s UNIT42

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=Via%20Giovanni%20Battista%20Martini%206,%20Roma%20RM,%2000198
Title: Via Giovanni Battista Martini 6, Roma RM, 00198

Search URL Search Domain Scan URL

URL: https://www.facebook.com/weareyoroi/

Search URL Search Domain Scan URL

URL: https://twitter.com/yoroisecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/yoroi/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCb3woWzGtRO8tYHHpje3AMA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/ 167 KB
30 KB 900ms
869ms Document
text/html 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0bb1538283f86489fcc078facca1890f8c564ac5584ef68f444be7c454b1bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: yoroi.company
:scheme: https
:path: /research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 13 Nov 2020 11:31:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0fba4c1a5abc1239469b8ae359169a3a1605267072; expires=Sun, 13-Dec-20 11:31:12 GMT; path=/; domain=.yoroi.company; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
host-header: WordPress.com
x-pingback: https://yoroi.company/xmlrpc.php
link: <https://yoroi.company/wp-json/>; rel="https://api.w.org/" <https://yoroi.company/wp-json/wp/v2/posts/4618>; rel="alternate"; type="application/json" <https://yoroi.company/?p=4618>; rel=shortlink
x-ac: 1.hhn _atomic_dca
cf-cache-status: DYNAMIC
cf-request-id: 0662f8be94000006219c30b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4UTYmaIJMPwoRnLo4JVnbZjMKYScKSDGlqbmaTz8mPNKPmIC3vpkpNMo1m9dMl6VyzloI%2FPzBsTh8zgnKj1FMtQ9GU%2FzVuC1BL4tj1IoQM2UoMWTnZP0Q7oM"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f182a4428770621-FRA
content-encoding: br

GET
H2 200 dashicons.min.css
yoroi.company/wp-includes/css/ 58 KB
35 KB 29ms
21ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-includes/css/dashicons.min.css?ver=5.5.3

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 503355
status: 200
content-encoding: br
cf-request-id: 0662f8c20200000621df199000000001
last-modified: Fri, 17 Jul 2020 17:11:03 GMT
server: cloudflare
etag: W/"5f11dba7-e681"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qnlX7481JGcY9mXbHqvgrcGFCflvz3pCBD43DikWzwNBNVIV%2BtQIsBvuX6iywYbEGt2heAYrQ6qjMCfL7vQyua08%2Bf3JHGu%2FHDwpDwUBxmV0iZjTc%2BUqzNqM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f070621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 elusive.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/ 12 KB
2 KB 207ms
199ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/elusive.min.css?ver=2.0

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf390024b9fb02ae1756d257499f568393acc60c76ae6b13ce986a46f396e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-encoding: br
cf-request-id: 0662f8c20200000621ff88b000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-31f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nx%2FQJ0lD6DxcxNX%2F%2BlO9IZ8CeUwEWDzG8rvSvVslTUy51IkwRVd%2FYjEwwSCdn0BK1akJlYI8gdfB0UKfeBMHtdFt%2F0Y7gn6FkK3qSuPDO5BE9LArU2%2FGj0KM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f0d0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/ 28 KB
6 KB 22ms
15ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/font-awesome.min.css?ver=4.6.3

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fd50e41f2ce65b53589fb6ca59a03d2fc269d65db66f8c0b29fc5bc8ba84d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 2.fra _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 869621
status: 200
content-encoding: br
cf-request-id: 0662f8c20200000621ef13b000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-7160"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wlAXXJ%2F7t4xfQaAPay99mWwcv16KjtuHJP2heWYEvMYh4Oad7LHA1nB3QLImNrMl1l2231fpzR6g3vPKJ6nOAHcUfLcMgKo00lxHXlzn42EI6tfe59Cq7W5J"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f0f0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foundation-icons.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/ 17 KB
3 KB 30ms
23ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/foundation-icons.min.css?ver=3.0

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d51089ba164e46643145dc475cce83e53896a1e6541c68b20d841c1ab24e65b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c2040000062121b24000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-439a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rA6GsbiS0OP%2Bt7zieTXADMQR2xxVeuwtF1%2Ff1VIvv0dmvjFpcaGE%2Bnq6NrJm8U2w2VPfcx%2B7QvYwNyseBwtfXYUtx%2BeqrzfiziWELH4%2Bvcq4uINn3nUp06hY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f140621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genericons.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/ 26 KB
16 KB 20ms
13ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/genericons.min.css?ver=3.4

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2deb67a6ea5e9e0e254330515f7aa291a07618b72715a63971274378cd4d06c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c2020000062127aac000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-683c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xrdEHxdK4ss5PwV2NSBEMHkfFVhPLVJyww7v6Fyeie4NKa2Y479JnjraCwcd%2FeSQ5QCRkb5dSBoglr65JsoCV4ZPizrDrDBlzTjw4i6sXod6RO5vz6BFkuav"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f170621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 extra.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/css/ 1 KB
631 B 29ms
22ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/css/extra.min.css?ver=0.10.1

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

818b6cee88115de0ce32e93ec25d7ff9d675199286ff470d71117a3d97b2991a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 438792
status: 200
content-encoding: br
cf-request-id: 0662f8c20300000621fd8be000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-4a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ht520iPApCsA3p5R4Xh6RPyADNdYc%2BoV5mtx2wCB2DaQ9dRXYp5Kj%2BeT0WvmSlYnOKxjRvx2odCVIwtDwlgDWq%2Fe8P%2F3F9M0a9IdkPNRWP3ytA4auq87AEPx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f190621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
yoroi.company/wp-includes/css/dist/block-library/ 53 KB
8 KB 24ms
18ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c20300000621d3897000000001
last-modified: Thu, 27 Aug 2020 18:00:38 GMT
server: cloudflare
etag: W/"5f47f4c6-d293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O83u87fZ0vTTwDCwu6nANuttAgMi0p1rRwpgy4W5LddpA71SWzAGjMtNBAaAtigVhhU80Q7N2lzCJ3n%2FtTQE%2BGg6ON9YYp%2Be%2FYAqcIHNBus7AjvW1sAnShIR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f1a0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
yoroi.company/wp-content/plugins/contact-form-7/includes/css/ 2 KB
908 B 209ms
203ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-encoding: br
cf-request-id: 0662f8c20300000621d0952000000001
last-modified: Wed, 21 Oct 2020 14:31:46 GMT
server: cloudflare
etag: W/"5f904652-780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I4UzsLmIM8ilPpo9mr2iEARrCFFrfiI9yaUocRQfmbFt1tTrF6tXWWUpUwBk89b8CTAkGw8Ep46eLN1TKmMTZ%2FFe6%2BuwMwBHgtA%2Fxjtn%2F0yVBd0UCuxuS4R7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f1d0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.min.css
yoroi.company/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 18ms
12ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.5.3

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c203000006210e22b000000001
last-modified: Wed, 23 Sep 2020 14:32:03 GMT
server: cloudflare
etag: W/"5f6b5c63-1555"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JwyxCOh1eCQK%2BoOUuYIfzshi6vhgfy96XdRSq%2F%2FekIwgb5KEde553T78JP4hbwf4TdiyvlYtb%2Fht2QZqYNTfh1VMdOTT%2FkgeKj16XAy5CyDdu2j0DiDUKew6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f200621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aos.css
yoroi.company/wp-content/plugins/oxygen/component-framework/vendor/aos/ 25 KB
2 KB 29ms
24ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=5.5.3

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c2030000062125bea000000001
last-modified: Mon, 03 Feb 2020 11:41:57 GMT
server: cloudflare
etag: W/"5e380705-65c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O23cyq8RNIGyDNVPizRtxFUBhuhCU%2BB6KyoAPtqMpF5R1PipGdSWcO0OBzqMsooeM0L90tElAqnIhpirQqBCz9VOSfaVuSS2aHzsOtGqR1TF2g1BgShDIwE5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f210621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 oxygen.css
yoroi.company/wp-content/plugins/oxygen/component-framework/ 18 KB
4 KB 30ms
25ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=3.1.1

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9124a6fd00e218d97037cdcbc7ea4c40c73d95bd19da2a6a477789f1daa0bf7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c204000006211b9c3000000001
last-modified: Mon, 03 Feb 2020 11:40:54 GMT
server: cloudflare
etag: W/"5e3806c6-498b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BR6VCE8FS6Kkpk3ZWrya3%2B1tAilw3DbaJnrPBK%2B21kAtD14p1pbLKnJBzfdMRaaN1B8TpVXhg2hJ9uoET%2FmrHhnrUalrVuM59YtH9ngZDLAhwXChdaI%2F%2FKGY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f260621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 contact-form-7-email-spam-blocker-public.css
yoroi.company/wp-content/plugins/wp-contact-form7-email-spam-blocker/public/css/ 98 B
412 B 20ms
15ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/wp-contact-form7-email-spam-blocker/public/css/contact-form-7-email-spam-blocker-public.css?ver=1.0.0

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 333310
status: 200
content-encoding: br
cf-request-id: 0662f8c20400000621e3b07000000001
last-modified: Tue, 04 Feb 2020 11:21:55 GMT
server: cloudflare
etag: W/"5e3953d3-62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nzFS%2FEiKfHnblEdLPQYUQyIgzU4rXG526B%2FWW1pxmKfV%2BiPw%2B9rtBPmUESPhuTahZr5X%2FTGBP87ZyepzwxB5DOOeL%2F4ABpU96XLmL6xd%2BabAYF35YPRL67EC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f280621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animate.css
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/animate/ 77 KB
4 KB 18ms
14ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/animate/animate.css?ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97470c6fac60d3431c7309907a10d67d0356b563c7bab67f7a44301d4164ac38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c20400000621be9ef000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-135d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aoYz00PuDVBuFL1a7mVvTxOiKVnZT%2F21kcv6FruNCmIxv56%2BrR381WiRh%2FzknNuYcjgY4clG4MKW%2BnTmEEcub1%2BZKXGBFHJFK%2B2NIItT%2FZMiCXPFRdyvNKBG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f2a0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slickmenu.min.css
yoroi.company/wp-content/plugins/slick-menu/assets/css/ 48 KB
7 KB 21ms
17ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/assets/css/slickmenu.min.css?ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d95e3d8d470a9de65b68baab1200d56b39a812e7717d7d294910a37d635dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c2040000062188bbc000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-beb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0jh8POaua333axj%2BYofeZ1t%2BbeLnU1bXSxAnysUrM35GjaHZ6u8onAwfcPraQA8PFwfIMafkU5wHMSGCHTaQ7Fn%2FqU8vmf9%2BIV8y3BjXzSlDWxv5E%2BoVQyNv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5f182a499f2b0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
yoroi.company/ 243 KB
8 KB 699ms
695ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/?sm_ajax=dynamic_styles&t=1605256635&ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ea057066074e145942ce7d17112e74a6f88850c8d450ada79c920e78263ee94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nananana: Batcache-Set
date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Cookie
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
host-header: WordPress.com
content-encoding: br
cf-request-id: 0662f8c20400000621d59bd000000001
last-modified: Fri, 13 Nov 2020 11:31:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Cc2lv3GNPhHOyndvQpjXUNLsjCkADb93NAsCnztGv8FaEM3s5Q%2Bol7XRyMEeC25EnXPLDJ369MJoITYOhUbeCm4iEiva%2BHVmU9k0KfyElOOtgBQyaNPgKvR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset: UTF-8;charset=utf-8
cache-control: max-age=300, must-revalidate
cf-ray: 5f182a499f2d0621-FRA

GET
H2 200 jquery.js Show response
yoroi.company/wp-includes/js/jquery/ 95 KB
32 KB 327ms
323ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-encoding: br
cf-request-id: 0662f8c20500000621212ef000000001
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: cloudflare
etag: W/"5cde37d2-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B%2BOgkddKlUkyGxG44HzAbfN6%2FFOtY2yKCMYIFjx54qDCPK89ZOuTogaD27Gey5k3XVWkFTqeJ5szsAyoBnEY5NttSStKc9BOJm6kLrDOgFThiTeI8di5Lyc%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a49af340621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.min.js Show response
yoroi.company/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 19ms
16ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c2060000062104a46000000001
last-modified: Wed, 23 Sep 2020 14:32:03 GMT
server: cloudflare
etag: W/"5f6b5c63-2474"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mS74l5VF3y7GKmsmO6HL9X5JeruUwDEJvtvH%2FcAuI7%2FtofseqLDXwxPEOp1u1piQnFCjafGUti2FE5pUmMpg0yaig%2By93UkIDkCCUrnrzdrZQ%2BrnJga3A17B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a49af350621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aos.js Show response
yoroi.company/wp-content/plugins/oxygen/component-framework/vendor/aos/ 14 KB
4 KB 26ms
23ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c2060000062134964000000001
last-modified: Mon, 03 Feb 2020 11:41:57 GMT
server: cloudflare
etag: W/"5e380705-37a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CqsKL2n7Ym%2BvAHT%2FmQpQ%2BOJmOQ52E4gj7Rt%2BKwXXg3Jwqfa29Otv9rrszhe0rk3WtySHLIKiG3gkxIW9WrE3kHKAdBKhFt46PzRSJGpvlomM7zs8pCDcBMwb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a49af380621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 contact-form-7-email-spam-blocker-public.js Show response
yoroi.company/wp-content/plugins/wp-contact-form7-email-spam-blocker/public/js/ 838 B
774 B 26ms
24ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/wp-contact-form7-email-spam-blocker/public/js/contact-form-7-email-spam-blocker-public.js?ver=1.0.0

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:13 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 438792
status: 200
content-encoding: br
cf-request-id: 0662f8c20700000621d3898000000001
last-modified: Tue, 04 Feb 2020 11:21:55 GMT
server: cloudflare
etag: W/"5e3953d3-346"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D7e7fspcwZ0kuR%2B5hpQqF%2BFMkjX%2FPoN0lC8QGuEDfiaxM%2FicjoM3kCqBdVz5ZKQJT0wxEPg6%2BYRJaXp3UUvtHqUveBWGmqeiKYLGf811lSFN%2FwQOQI3%2FPUvL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a49af390621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
657 B 21ms
19ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,500,600,700,800,900

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbd10de48b5659ee4ad78af5514039eb393580d9ffc2e4cf6d9b24fb63532520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Nov 2020 11:31:13 GMT
server: ESF
date: Fri, 13 Nov 2020 11:31:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Nov 2020 11:31:13 GMT

GET
H2 200 /
yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/ 34 KB
6 KB 837ms
835ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/?xlink=css&ver=5.5.3

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af73c24ded3f2637540ae5b80bacf564d968a70443f4a405182fb42c8a19c91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding, Cookie
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-pingback: https://yoroi.company/xmlrpc.php
status: 200
host-header: WordPress.com
content-encoding: br
cf-request-id: 0662f8c205000006213430f000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SH638q1RW084i5jQ2IAOAa5hm70qq2gS54QoiJcmfqXOrjem83y48RelyVQj%2BdChyDB64hgvckDh5trr03H7orrNXIyeTl73Ihy7MFslNe0G92%2F4aQbSAQoe"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
cf-ray: 5f182a499f310621-FRA
link: <https://yoroi.company/wp-json/>; rel="https://api.w.org/", <https://yoroi.company/wp-json/wp/v2/posts/4618>; rel="alternate"; type="application/json", <https://yoroi.company/?p=4618>; rel=shortlink

GET
H2 200 logo-head.svg
yoroi.company/wp-content/uploads/2020/01/ 3 KB
1 KB 46ms
41ms Image
image/svg+xml 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yoroi.company/wp-content/uploads/2020/01/logo-head.svg

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65158a29c17b7bd93fcb3409b97eda74a7c090d932a9ce494adb9f82d737894d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 68478
status: 200
access-control-allow-methods: GET, HEAD
content-encoding: br
cf-request-id: 0662f8c5f900000621fcbfc000000001
last-modified: Mon, 03 Feb 2020 11:41:20 GMT
server: cloudflare
etag: W/"5e3806e0-a21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FZc2ZXKtgxWFp4LYyfPBODLD5%2BDdsH2Zt9nSGZsl3HGMDTgJIvvbj80euoZ5QOy7scLtR5%2BMQxlViWkLwCffXjS0j6Gcm5cXF0Ke4u4PuEr1xjFyXENyV69H"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5f182a4ffddf0621-FRA
expires: Thu, 19 Nov 2020 16:29:56 GMT

GET
H2 200 hamburger.svg
yoroi.company/wp-content/uploads/2020/01/ 488 B
647 B 28ms
23ms Image
image/svg+xml 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yoroi.company/wp-content/uploads/2020/01/hamburger.svg

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f349f68dd834591897a2b648193d96446427a388772b17163e166c17bf4bb5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 68478
status: 200
access-control-allow-methods: GET, HEAD
strict-transport-security: max-age=31536000
content-encoding: br
cf-request-id: 0662f8c5f900000621bea50000000001
last-modified: Mon, 03 Feb 2020 11:41:17 GMT
server: cloudflare
etag: W/"5e3806dd-1e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NhY9UGnlT0E4IWNJ0bNsonrX2cjjNBLYrd8ei7NiZWIMW%2FOvYpqp6X%2FkalyoRQm1h9D1JpH1qndyMGe38WwcEsBDVGVzAw9ID1Qrzkng37SQCWJF6NefJ8%2F7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5f182a4ffde00621-FRA
expires: Thu, 19 Nov 2020 16:29:56 GMT

GET
H2 200 Risorsa-36-8.png
yoroi.company/wp-content/uploads/2020/01/ 30 KB
30 KB 44ms
39ms Image
image/png 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yoroi.company/wp-content/uploads/2020/01/Risorsa-36-8.png

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048e7b54fbc9022c80b0bf1144f55baaf814f91fe575515dbd4263634317013f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
access-control-allow-methods: GET, HEAD
strict-transport-security: max-age=31536000
content-length: 30485
cf-request-id: 0662f8c5fa0000062121b86000000001
last-modified: Mon, 03 Feb 2020 11:41:18 GMT
server: cloudflare
etag: "5e3806de-7715"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Yjl0gFHnaIkamkoQcD%2Fjb%2Bkv87EKMiBmfIof0yBrGzy8QGy0PfGDznT%2BNH68aK2ujccvSQCtNuAsq7VbZkBSm8%2BpPMziE%2F3%2B6uwF9GNdnXxX5SxPXOiJfK3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 5f182a4ffde10621-FRA
expires: Thu, 19 Nov 2020 19:24:02 GMT

GET
H2 200 Zjha9-Haq9pIhQOXqU8yF2o10B93AMeGphJOoQtJBVaccZQfc6aPDT0NsyN9zpjzqQ1fFjIxnAZ12pRAai9OP5S0-xmZPlEhdaN77M0J_H2T-z5z21pny1HnbVlkCMm5I9zYBYc
lh3.googleusercontent.com/ 62 KB
62 KB 523ms
518ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Zjha9-Haq9pIhQOXqU8yF2o10B93AMeGphJOoQtJBVaccZQfc6aPDT0NsyN9zpjzqQ1fFjIxnAZ12pRAai9OP5S0-xmZPlEhdaN77M0J_H2T-z5z21pny1HnbVlkCMm5I9zYBYc

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0393ca3e78ea20df43fe2aeb0b0edfaa8207dec4555bbc7afe49acc07a16eafd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:15 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63693
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:15 GMT

GET
H2 200 AYz0w4ASVf03imxs2S8Z19CxzEgya5NAm0CPqRNSHvFY2mA2yOqti6FTGqWny0JKH9oQqeGTUYp9kGygz0WnPYmZAQbZBVNqpF1QBuahJJl1nUvMkAVjJfbaou0StPzHZCjDUE8
lh5.googleusercontent.com/ 18 KB
18 KB 478ms
473ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/AYz0w4ASVf03imxs2S8Z19CxzEgya5NAm0CPqRNSHvFY2mA2yOqti6FTGqWny0JKH9oQqeGTUYp9kGygz0WnPYmZAQbZBVNqpF1QBuahJJl1nUvMkAVjJfbaou0StPzHZCjDUE8

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2a2cf9a938c52aa4159c61435eae29f96a0abbbe0528afe1f98a63d9431218ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18787
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:14 GMT

GET
H2 200 ogxIs1oN2_TGi2MIkNytyTpGepS4Xn-Bvxq_hRFyn3kUj-0pLbstEmkFnHgDb9b3d9d27lfN8I03itpIwjxWx2j5S3EScne-AAem0_f2dpR5CcVAKjvmsRSsH3GauR2C_C6zMSI
lh5.googleusercontent.com/ 19 KB
19 KB 371ms
365ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/ogxIs1oN2_TGi2MIkNytyTpGepS4Xn-Bvxq_hRFyn3kUj-0pLbstEmkFnHgDb9b3d9d27lfN8I03itpIwjxWx2j5S3EScne-AAem0_f2dpR5CcVAKjvmsRSsH3GauR2C_C6zMSI

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

11afa87705977e06be751fce8cebbeecc0c93e5b5d90d0055ab3936a57eac385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19164
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:14 GMT

GET
H2 200 6_QIuMa3i-tbZ02nH1R8eUAfUL1jwZtEB52im9QEQVQHJ2wbn23w2pTSfpV8J0n-Kz_VAtl_lk95Zkqh-r2m4sZvS8yEg2EpDEEGmg-uWhYkt7NPAJf8_OuPi8uE93By8xYG0VI
lh5.googleusercontent.com/ 65 KB
65 KB 498ms
493ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/6_QIuMa3i-tbZ02nH1R8eUAfUL1jwZtEB52im9QEQVQHJ2wbn23w2pTSfpV8J0n-Kz_VAtl_lk95Zkqh-r2m4sZvS8yEg2EpDEEGmg-uWhYkt7NPAJf8_OuPi8uE93By8xYG0VI

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

873ec0a245593ff878fd6a363dd4ce3ef3d2292eaea64cd332d163f2cb7543d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:15 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66639
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 11 Nov 2020 21:27:14 GMT

GET
H2 200 PotKj0cUukFOuAcbqvBAcA6PSsgEpjKYtwp5ZXDBPc-YalOMa9ODMYIxExHtA2XewO8awq-pXwx4NssKZmpK3Va-d8t0PVatLDBAvngv_M-V4XhnngWcc6abmXNNHF8azGYgc3c
lh6.googleusercontent.com/ 78 KB
78 KB 563ms
559ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/PotKj0cUukFOuAcbqvBAcA6PSsgEpjKYtwp5ZXDBPc-YalOMa9ODMYIxExHtA2XewO8awq-pXwx4NssKZmpK3Va-d8t0PVatLDBAvngv_M-V4XhnngWcc6abmXNNHF8azGYgc3c

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c23e9a47403b2586844292fbc79cc03567ceba2f285cbfdbe0dc57814ce88af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:15 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79889
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 11 Nov 2020 21:27:14 GMT

GET
H2 200 UtOWdf-myewjXoZcFC-kfW4yWlPU1qU2C4mHBiY_wJmorObxkZGLcBirioB_rOloY5tLVfPgwVJiUD9RmasMi1rRIJj_hwGI-qNpp4TqWqep8tirFVYDA7Kl4ytrwiMQAHE4_-k
lh5.googleusercontent.com/ 33 KB
33 KB 407ms
403ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/UtOWdf-myewjXoZcFC-kfW4yWlPU1qU2C4mHBiY_wJmorObxkZGLcBirioB_rOloY5tLVfPgwVJiUD9RmasMi1rRIJj_hwGI-qNpp4TqWqep8tirFVYDA7Kl4ytrwiMQAHE4_-k

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5e4f9b4fcb23c33ecee407b2b25cd0216c141a6e169d78dcef21437fe9fa699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33591
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:14 GMT

GET
H2 200 W6SvX6YKiJ5Ze7L_CtFNb1S3N-s6d5Mry_R8I9ItOI9ed0AokeysPmpPjKNS1wBlxsQ3AiyL2QsKh1LceWl0LtZS_MSbzgpRoy0q7xhieHDgjly6T1EkNshrEkZkPcHtKrliVVY
lh6.googleusercontent.com/ 34 KB
34 KB 389ms
385ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/W6SvX6YKiJ5Ze7L_CtFNb1S3N-s6d5Mry_R8I9ItOI9ed0AokeysPmpPjKNS1wBlxsQ3AiyL2QsKh1LceWl0LtZS_MSbzgpRoy0q7xhieHDgjly6T1EkNshrEkZkPcHtKrliVVY

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cd26fabb30132bf676ebbea7cab03130fb76d6b6b3458ca43633f43ac66629c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35110
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:14 GMT

GET
H2 200 UcFdk0S8hMEUqHzk3ieVAVD6wybVM8XouO9DQ5mZ-zz_tyfcm2yzVwPnaysITE1b0Nivw4XjNowmMGGaBLCKfQgLsU2e3WM1GLNsfkuxTNo2z_jIMDFxe1kB43eNVneC6UOf16M
lh5.googleusercontent.com/ 31 KB
31 KB 442ms
438ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/UcFdk0S8hMEUqHzk3ieVAVD6wybVM8XouO9DQ5mZ-zz_tyfcm2yzVwPnaysITE1b0Nivw4XjNowmMGGaBLCKfQgLsU2e3WM1GLNsfkuxTNo2z_jIMDFxe1kB43eNVneC6UOf16M

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f498badc611203564d7b2dbe60aa71a8cfd99f33dd2f1dd339659ee637cfda98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31778
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:14 GMT

GET
H2 200 -sPxsAFeZGiMwLS22rUID19RsZxJs5NJ4LDVXTBepT9aTfSAgW-nvLDpt-qT0lRdJ-by0jm51UIy4T58JCqCiE7ji7hwWIihVHhKEPGP9LbwoN9nNE79hS-Nx7iITypi1bgyzLY
lh3.googleusercontent.com/ 41 KB
41 KB 444ms
441ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-sPxsAFeZGiMwLS22rUID19RsZxJs5NJ4LDVXTBepT9aTfSAgW-nvLDpt-qT0lRdJ-by0jm51UIy4T58JCqCiE7ji7hwWIihVHhKEPGP9LbwoN9nNE79hS-Nx7iITypi1bgyzLY

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ffada9a789139fda6ea91b3db07de8109264ba27a849900c80b80430cb3b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42132
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:14 GMT

GET
H2 200 gyTocUn7fuiueoWejFoJeniKcHrdZb-muWIpoQf-WKK5vxxK8DrHBKmEmAlBLRepgYztERoZBITwngWyE1N1qswsNbpjFrYMHfbvFAMgewcAqaUBpCWU-qqsta0Kr_C0FHD4EZM
lh6.googleusercontent.com/ 22 KB
22 KB 397ms
394ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/gyTocUn7fuiueoWejFoJeniKcHrdZb-muWIpoQf-WKK5vxxK8DrHBKmEmAlBLRepgYztERoZBITwngWyE1N1qswsNbpjFrYMHfbvFAMgewcAqaUBpCWU-qqsta0Kr_C0FHD4EZM

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

23e7c9ba61971cd992dc23560b8ae84b4c6e7292c7ad1a33c490ef4255f5b36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22256
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 11 Nov 2020 21:27:14 GMT

GET
H2 200 pmtpPiEXWDDtV2hhyyl9JEOUr1iB5wCRhiawi2sdDrv76f9b4s8hljSZyB2fe5MeOIWDcOwVAy8owqtEoaEx9pEVLCjUwgrQkP7iqJHzh56JM2wGgzys5hbk2JRvF5l5I2ROtEs
lh4.googleusercontent.com/ 200 KB
200 KB 522ms
522ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/pmtpPiEXWDDtV2hhyyl9JEOUr1iB5wCRhiawi2sdDrv76f9b4s8hljSZyB2fe5MeOIWDcOwVAy8owqtEoaEx9pEVLCjUwgrQkP7iqJHzh56JM2wGgzys5hbk2JRvF5l5I2ROtEs

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

797aa2ba5e3eb09bebee4a64989f3a5554e475a203c55ba08b82c99a09767914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:15 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204778
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:15 GMT

GET
H3-Q050 200 8fa-BymzQwqwOdO1mj05oz1yiPlPZLwHTni3o2Di7WDaMifGVEANe9eXQu_8eKbKDoAtzkXUy2mwn8AHzNUaldweJxDYnErDwFwquuvPgYbSeTkzaXHN5eHb9w8umRosIg9QaiY
lh5.googleusercontent.com/ 210 KB
210 KB 450ms
434ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/8fa-BymzQwqwOdO1mj05oz1yiPlPZLwHTni3o2Di7WDaMifGVEANe9eXQu_8eKbKDoAtzkXUy2mwn8AHzNUaldweJxDYnErDwFwquuvPgYbSeTkzaXHN5eHb9w8umRosIg9QaiY

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

62aecf5afa3266b749d56fd10300316d07ae7b5d995b4b862bf8e629bb950093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:15 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215141
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:15 GMT

GET
H3-Q050 200 74UPzLPgqv03jCSoo7VePc5H1DmBFo_0RXAwWq9gVw2iv9copR64jIXykWDdKDzkIs9hCauYl6vHZI8yPEQJmE3BUxQW_z_eWKvw0hvAvqhRVhdYw5hJgbkvC_m0-siyjVDtJ-g
lh3.googleusercontent.com/ 389 KB
389 KB 551ms
536ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/74UPzLPgqv03jCSoo7VePc5H1DmBFo_0RXAwWq9gVw2iv9copR64jIXykWDdKDzkIs9hCauYl6vHZI8yPEQJmE3BUxQW_z_eWKvw0hvAvqhRVhdYw5hJgbkvC_m0-siyjVDtJ-g

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0efbb0e114f9f0dd7d5b2205243474376ea75b11a72086412f9dccda5f3868ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:15 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398260
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:15 GMT

GET
H3-Q050 200 0bRl7gOtI5oaIi329gH0qhEeeL_Iko8z6XPkmkDF4y1DutiqJPk2rTl8Q3lEbCeJAhc4luewMgPnpmam1uj63h8GtYHQsHa0KpGo1knKaWPLs4XkfJd8qCa2W5CG2vueNh525zc
lh3.googleusercontent.com/ 158 KB
158 KB 483ms
469ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/0bRl7gOtI5oaIi329gH0qhEeeL_Iko8z6XPkmkDF4y1DutiqJPk2rTl8Q3lEbCeJAhc4luewMgPnpmam1uj63h8GtYHQsHa0KpGo1knKaWPLs4XkfJd8qCa2W5CG2vueNh525zc

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

50c5ded8f5b1d438955ba152608e8355210da6b23a4e84fb34b4397087f5c2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:15 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162216
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Nov 2020 11:31:15 GMT

GET
H2 200 email-decode.min.js Show response
yoroi.company/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
8ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
vary: Accept-Encoding
cf-request-id: 0662f8c54800000621bea3f000000001
last-modified: Mon, 09 Nov 2020 16:26:32 GMT
server: cloudflare
etag: W/"5fa96db8-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ifbmP0AIkVSmJE7zRtXRN3uCXZcFYV2nbPksuPX2GWe1ASKsepltmk1UAZIbzzi0mvjpsoDk%2BL8ZBxQqfIdY3ccXIEVk78%2FB4dYjZ6f4dSLuMn7Aa29A0cE9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5f182a4edb330621-FRA
expires: Sun, 15 Nov 2020 11:31:14 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 3 KB
1 KB 47ms
14ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202046
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 98619b62f2320249ce5e6850e5e5e5040d348b2f9a80467a7d0306069134d35e

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Fri, 13 Nov 2020 11:31:14 GMT
content-encoding: gzip
server: nginx
etag: W/"5f72415a-dbf"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.ams _dfw
expires: Tue, 09 Nov 2021 00:00:01 GMT

GET
H2 200 countUp.min.js Show response
yoroi.company/wp-content/assets/js/ 5 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/assets/js/countUp.min.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63a636fec47c33c1f90b009d2f95830d3492083c04e429cda86914834714967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://yoroi.company
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 68478
status: 200
content-encoding: br
cf-request-id: 0662f8c551000006217f18e000000001
last-modified: Mon, 03 Feb 2020 11:40:49 GMT
server: cloudflare
etag: W/"5e3806c1-126e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8wFQ%2Fh5fT3GyOz83W8vNgnPi2fRdzqaBf9EJ%2F6T4xykqfFWZUAQgTNAW4YGMGwpBwz49RfiDE7%2F5aP2lL1yw2jrGy6HRp%2BjJwt1fgw%2Ft9l%2FGZX9m4WeUZdkE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 5f182a4eeb650621-FRA
expires: Thu, 19 Nov 2020 16:29:56 GMT

GET
H2 200 counters.js Show response
yoroi.company/wp-content/assets/js/ 2 KB
966 B 14ms
14ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/assets/js/counters.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c594062728319da3ecaa98c4c0b930b07d5e64207eb6e4987d4fcbff9134768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://yoroi.company
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 68478
status: 200
content-encoding: br
cf-request-id: 0662f8c56100000621d09a4000000001
last-modified: Mon, 03 Feb 2020 11:40:49 GMT
server: cloudflare
etag: W/"5e3806c1-78d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xFV0IEx4icK447IFcEzZoO7U4BfS8yPbA6NIAm1NfGhXeaw%2BkIQ6pcPSQl38w4D4vb8al4oDkyYZ4ieYSHY9IJ5fLnKWSbRvajFfOCUQanPCtEtVzQXC0On4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 5f182a4efb9f0621-FRA
expires: Thu, 19 Nov 2020 16:29:56 GMT

GET
H2 200 parallax.min.js Show response
yoroi.company/wp-content/assets/js/ 17 KB
5 KB 11ms
11ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/assets/js/parallax.min.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf4d20b28de8c7f77428b24325ec3afb39b6f7e277f6b61666f3a0a17cc3b42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 68478
status: 200
content-encoding: br
cf-request-id: 0662f8c56e00000621f2851000000001
last-modified: Mon, 03 Feb 2020 11:40:49 GMT
server: cloudflare
etag: W/"5e3806c1-43a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kZI4z1TqnGsS9GQJv7D0AHGzj6TW0YC%2BrYgaUXxp9Nez1CgZO1hXX8s425OMNU53yvmGRZl0PL2mxgdpJb9bw4ZJgzGxR%2Bfx5aISrv6zEvaS%2F4Omz%2BSrbxvo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 5f182a4f1bdd0621-FRA
expires: Thu, 19 Nov 2020 16:29:56 GMT

GET
H2 200 intersection-observer.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.7.0/ 22 KB
6 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.7.0/intersection-observer.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 128712
x-cache: HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 6401
etag: W/"57ad-m3EaUx6495LHE8zS0+QpFP8kqM0"
x-served-by: cache-fra19121-FRA
date: Fri, 13 Nov 2020 11:31:14 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/ 6 KB
2 KB 8ms
6ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1351065
x-cache: HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 2436
etag: W/"1926-ftj+zhhSvu4E/RMH3S02cxSkfWc"
x-served-by: cache-fra19121-FRA
date: Fri, 13 Nov 2020 11:31:14 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 scripts.js Show response
yoroi.company/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c57e00000621d38e9000000001
last-modified: Wed, 21 Oct 2020 14:31:46 GMT
server: cloudflare
etag: W/"5f904652-37c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ndcpxzi62PY%2Bq%2FvHCy2I%2Bv8gcBqTbDCmiOtU02EJOCgmgQ993N6e%2Fg37DuXaIibw%2BOyPMabqdCnRVFNFVPpy7wAcLQwD0zytyPAQcn%2BIfbgwA6sMuiP6BaNg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a4f2c030621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
676 B 28ms
28ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&ver=3.0

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

619141470330575142621c135c649a73bcb592cda6834dfe9e1da185d1066880

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Fri, 13 Nov 2020 11:31:14 GMT

GET
H2 200 script.js Show response
yoroi.company/wp-content/plugins/contact-form-7/modules/recaptcha/ 1 KB
846 B 11ms
11ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/contact-form-7/modules/recaptcha/script.js?ver=5.3

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aef711d1643073ab593de1d958ee854d6f63339cb216eda43666fb9dfcebffd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c5a900000621651af000000001
last-modified: Wed, 21 Oct 2020 14:31:46 GMT
server: cloudflare
etag: W/"5f904652-4f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZTgb41wJ4Q48c0qeMNm2ipz3Q6fbT9%2BdplD9LMnTZW4MHUd5jwRPGrSiQLm%2FwndkL%2Bb5zReChqfxcSneBSXVf0wNLdODSap7aogT9FHx0KwOEMeR5AZr41o%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a4f7cae0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/modernizr/ 12 KB
5 KB 18ms
18ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/modernizr/modernizr.js?ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49cf0f2de45929d5674df4377cfc2363324674ca4dfdef454bc1dfeebcec9ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c5b7000006218fa6a000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-317b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y%2F8GqoGyEqAlweLr3xAZZ3Pek6PrW%2F4VDu2CGDu0VZTRnB%2BIHNQRDhg%2F%2Bt8Dv4ZAg3SFPkDFnoLl8OFHS95fXw588tbvyFuGLh8qqcjcunhV%2B%2ByCFcKLU93J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a4f8cd70621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TweenMax.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/greensock/ 108 KB
35 KB 18ms
18ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/greensock/TweenMax.min.js?ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 2.fra _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 763977
status: 200
content-encoding: br
cf-request-id: 0662f8c5c900000621d09b1000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-1aeba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VZI8LKAgEqZyS0UbKvTDnUUwoGt1XfAO52wfSxWASWJ%2BNgBy3A4KH9wKUdRvV2np6uoRClyjVZRgElpfappuxBlSWg60QS2YvNJQiJaB9yBIaxiWB9cHwerG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a4fad1c0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ScrollToPlugin.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/greensock/ 2 KB
1 KB 160ms
160ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/greensock/ScrollToPlugin.min.js?ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806548b84857dbb3a3243a0d7c0aedc2afd647bf96b48de90985df9591ca4a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-encoding: br
cf-request-id: 0662f8c5d500000621df1f6000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-9fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S5gwwHz0mZd0NNEnx9Qd69N8jF7SWVX1F72XoiLAg9ZcTEaSn6EoEHTUFWncQVFtwt0nWxY9OV4AshZ8IcgaljPe1jREL8n7m%2BokiWsSvPbIm4K5bWqaK6rx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a4fbd370621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 body-scroll-lock.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/body-scroll-lock/ 3 KB
1 KB 46ms
40ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/body-scroll-lock/body-scroll-lock.min.js?ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d947b55573f76b9876038798590599aef4ec471cd0b44a41438b02ae00fcee5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c5f900000621080d5000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-b15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SONVwPVg4wRSl6syEQR%2FCMpIIxvoFGJ83bYl7BlW5anBxM3jVqT1T%2B7RXL3%2FmeovqWYtvplQELaojduqAWy3tfeAE%2BJ8fE%2FQsOSsbGysBn0fQWBNpoNtblJs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a4ffdda0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 utils.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/js/ 18 KB
7 KB 47ms
41ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/assets/js/utils.min.js?ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72056b7312d491a672a34df38cc3b593a84575235819a88239e5b8330bd5dea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c5f900000621e3b5b000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-490c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iq97aCqrFXlzdovFY5kiBCRoV0CMqYXXfTAZrXohQ6MZIciOp8GpGGdh3Pf5aRKyvdXO%2BkOaf9rJkrMWEXEKDRDWXC5nUQOMtz8IsSVxc9J0I1oQXqQ3%2BGLN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a4ffddc0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slickmenu.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/js/ 34 KB
8 KB 48ms
42ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/assets/js/slickmenu.min.js?ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a207ef97e50fe3d9090292bb653b8f9a676bba3b961fd9242f97af39b8b768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c5f900000621f2859000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-8618"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W1Q41Ei4m38Yclyb5QVhN4N5FW2BeadPHfc0ttlpr%2Fb8UE15To0oL45wH9bFdT%2FZ7h28v3fhC3Lnp49FrccbUbqImf3O6685PgHNkt%2Bzy3tPYHH0Jq52rLj9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a4ffddd0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/js/ 22 KB
7 KB 49ms
43ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-content/plugins/slick-menu/assets/js/frontend.min.js?ver=1.2.7

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b66da3f27a3aa48171829b9e331147187ceb6a4f38b444808525de6bb0bf604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:31:14 GMT
x-ac: 1.hhn _atomic_dca
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58032
status: 200
content-encoding: br
cf-request-id: 0662f8c5f900000621f1bb2000000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-567d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5dB0W0aPBTDxCVqmrfLnSlwg%2Bd9WK00soqZHSqH069vATQnrijgVohXF%2FdG%2FVYo583ASvrhRKbbYCreyY80kASNB56hI0WuIHn00AknMmC8c5TEzbZAeoUMU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5f182a4ffdde0621-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 926
date: Fri, 13 Nov 2020 11:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 13 Nov 2020 13:15:48 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v8/ 44 KB
44 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbfcf009369ed480448ca6b89f9586d80ecc4d150fbe317db5a27ad43617a8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://yoroi.company
Referer: https://fonts.googleapis.com/css?family=Work+Sans:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,500,600,700,800,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 19:30:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:42:54 GMT
server: sffe
age: 57641
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45196
x-xss-protection: 0
expires: Fri, 12 Nov 2021 19:30:33 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/ 335 KB
130 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b4b2ca6272d6a145c9d5e85a0adf9413875ff9e231a92eabe9f6e947dc9354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://yoroi.company
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 10:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3064
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133476
x-xss-protection: 0
last-modified: Mon, 09 Nov 2020 05:27:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 10:40:10 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame C278 0
0 67ms
52ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&co=aHR0cHM6Ly95b3JvaS5jb21wYW55OjQ0Mw..&hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&size=invisible&cb=wb00ade6y9oc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qu2BBKx4ZENfxbdLaVI4sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&co=aHR0cHM6Ly95b3JvaS5jb21wYW55OjQ0Mw..&hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&size=invisible&cb=wb00ade6y9oc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 13 Nov 2020 11:31:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-Qu2BBKx4ZENfxbdLaVI4sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9941
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST collect
www.google-analytics.com/j/ 0
0

GET
H2 200 refill Show response
yoroi.company/wp-json/contact-form-7/v1/contact-forms/223/ 2 B
659 B 518ms
517ms XHR
application/json 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-json/contact-form-7/v1/contact-forms/223/refill

Requested by

Host: yoroi.company
URL: https://yoroi.company/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nananana: Batcache-Set
date: Fri, 13 Nov 2020 11:31:15 GMT
x-ac: 1.hhn _atomic_dca
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
host-header: WordPress.com
content-encoding: br
vary: Accept-Encoding, Cookie, Origin
cf-request-id: 0662f8c79f00000621651de000000001
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-robots-tag: noindex
last-modified: Fri, 13 Nov 2020 11:31:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wxAK5YFsUQXJyTe6ioZkuG%2Blf1B6q2A6l9F%2Bux4lao1mTOnUCLz4LLS%2BdPYxzewVJoMhso7SBwn1dk9cu1%2F7UgPEHCErdUfnxy3c3H3lFYoTOLyGifJ7mkx2"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=300, must-revalidate
cf-ray: 5f182a529bd50621-FRA
link: <https://yoroi.company/wp-json/>; rel="https://api.w.org/"

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame C0D1 0
0 111ms
110ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&co=aHR0cHM6Ly95b3JvaS5jb21wYW55OjQ0Mw..&hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&size=invisible&cb=wb00ade6y9oc

Requested by

Host: yoroi.company
URL: https://yoroi.company/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SrRvPpsWQEWgUshxEVii7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&co=aHR0cHM6Ly95b3JvaS5jb21wYW55OjQ0Mw..&hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&size=invisible&cb=wb00ade6y9oc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 13 Nov 2020 11:31:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-SrRvPpsWQEWgUshxEVii7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10062
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 boom.gif
pixel.wp.com/ 0
51 B 46ms
14ms Image
text/plain 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.594&largest_contentful_paint=2430&provider=wordpress.com&service=atomic&effective_connection_type=4g&host_name=yoroi.company&url_path=%2Fresearch%2Fcyber-criminal-espionage-operation-insists-on-italian-manufacturing%2F&navtime_dns=14&navtime_tcp=20&navtime_tls=32&navtime_ttfb=900&navtime_download=924&navtime_load=2939&navtime_dcl=2342&start_render=2004&first_contentful_paint=2430&resource_size=1222569&resource_transferred=391591&js_size=394416&js_transferred=129323&resource_cache_percent=0&js_cache_percent=0&last_resource_end=2938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 13 Nov 2020 11:31:17 GMT
cache-control: no-cache
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=712289938&t=pageview&_s=1&dl=https%3A%2F%2Fyoroi.company%2Fresearch%2Fcyber-criminal-espionage-operation-insists-on-italian-manufacturing%2F&ul=en-us&de=UTF-8&dt=Cyber-Criminal%20espionage%20Operation%20insists%20on%20Italian%20Manufacturing%20-%20Yoroi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1940971820&gjid=816746194&cid=599628395.1605267075&tid=UA-54504571-1&_gid=1094552375.1605267075&_r=1&_slc=1&z=553232376

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yoroi.company/	1970-01-19 13:54:27	Name: _gat Value: 1
.yoroi.company/	1970-01-20 07:25:39	Name: _ga Value: GA1.2.599628395.1605267075
.yoroi.company/	1970-01-19 13:55:53	Name: _gid Value: GA1.2.1094552375.1605267075
.yoroi.company/	1970-01-19 14:37:39	Name: __cfduid Value: d0fba4c1a5abc1239469b8ae359169a3a1605267072

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/(Line 1161) Message: %c 🛡️ YOROI® 🛡️ font-weight: bold; color: #c40030; font-size: 80px; text-align: center

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
pixel.wp.com
s0.wp.com
www.google-analytics.com
www.google.com
www.gstatic.com
yoroi.company
www.google-analytics.com
192.0.76.3
192.0.77.32
2606:4700:3035::681f:45d6
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:803::2001
2a00:1450:4001:809::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::200a
2a04:4e42:3::621
0393ca3e78ea20df43fe2aeb0b0edfaa8207dec4555bbc7afe49acc07a16eafd
048e7b54fbc9022c80b0bf1144f55baaf814f91fe575515dbd4263634317013f
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
0efbb0e114f9f0dd7d5b2205243474376ea75b11a72086412f9dccda5f3868ed
11afa87705977e06be751fce8cebbeecc0c93e5b5d90d0055ab3936a57eac385
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1c594062728319da3ecaa98c4c0b930b07d5e64207eb6e4987d4fcbff9134768
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb
23e7c9ba61971cd992dc23560b8ae84b4c6e7292c7ad1a33c490ef4255f5b36a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a2cf9a938c52aa4159c61435eae29f96a0abbbe0528afe1f98a63d9431218ea
2deb67a6ea5e9e0e254330515f7aa291a07618b72715a63971274378cd4d06c4
35a207ef97e50fe3d9090292bb653b8f9a676bba3b961fd9242f97af39b8b768
3c23e9a47403b2586844292fbc79cc03567ceba2f285cbfdbe0dc57814ce88af
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
49cf0f2de45929d5674df4377cfc2363324674ca4dfdef454bc1dfeebcec9ca5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50c5ded8f5b1d438955ba152608e8355210da6b23a4e84fb34b4397087f5c2a3
52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5ea057066074e145942ce7d17112e74a6f88850c8d450ada79c920e78263ee94
5fd50e41f2ce65b53589fb6ca59a03d2fc269d65db66f8c0b29fc5bc8ba84d08
619141470330575142621c135c649a73bcb592cda6834dfe9e1da185d1066880
62aecf5afa3266b749d56fd10300316d07ae7b5d995b4b862bf8e629bb950093
65158a29c17b7bd93fcb3409b97eda74a7c090d932a9ce494adb9f82d737894d
6b66da3f27a3aa48171829b9e331147187ceb6a4f38b444808525de6bb0bf604
6cf390024b9fb02ae1756d257499f568393acc60c76ae6b13ce986a46f396e34
72056b7312d491a672a34df38cc3b593a84575235819a88239e5b8330bd5dea8
797aa2ba5e3eb09bebee4a64989f3a5554e475a203c55ba08b82c99a09767914
806548b84857dbb3a3243a0d7c0aedc2afd647bf96b48de90985df9591ca4a4a
818b6cee88115de0ce32e93ec25d7ff9d675199286ff470d71117a3d97b2991a
81d95e3d8d470a9de65b68baab1200d56b39a812e7717d7d294910a37d635dd3
873ec0a245593ff878fd6a363dd4ce3ef3d2292eaea64cd332d163f2cb7543d0
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
9124a6fd00e218d97037cdcbc7ea4c40c73d95bd19da2a6a477789f1daa0bf7f
97470c6fac60d3431c7309907a10d67d0356b563c7bab67f7a44301d4164ac38
97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe
98619b62f2320249ce5e6850e5e5e5040d348b2f9a80467a7d0306069134d35e
a5e4f9b4fcb23c33ecee407b2b25cd0216c141a6e169d78dcef21437fe9fa699
aef711d1643073ab593de1d958ee854d6f63339cb216eda43666fb9dfcebffd0
af73c24ded3f2637540ae5b80bacf564d968a70443f4a405182fb42c8a19c91b
bbd10de48b5659ee4ad78af5514039eb393580d9ffc2e4cf6d9b24fb63532520
bf4d20b28de8c7f77428b24325ec3afb39b6f7e277f6b61666f3a0a17cc3b42b
c63a636fec47c33c1f90b009d2f95830d3492083c04e429cda86914834714967
cbfcf009369ed480448ca6b89f9586d80ecc4d150fbe317db5a27ad43617a8c8
cd26fabb30132bf676ebbea7cab03130fb76d6b6b3458ca43633f43ac66629c7
d51089ba164e46643145dc475cce83e53896a1e6541c68b20d841c1ab24e65b9
d947b55573f76b9876038798590599aef4ec471cd0b44a41438b02ae00fcee5b
dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
e0bb1538283f86489fcc078facca1890f8c564ac5584ef68f444be7c454b1bae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f349f68dd834591897a2b648193d96446427a388772b17163e166c17bf4bb5f4
f498badc611203564d7b2dbe60aa71a8cfd99f33dd2f1dd339659ee637cfda98
f8b4b2ca6272d6a145c9d5e85a0adf9413875ff9e231a92eabe9f6e947dc9354
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
ffada9a789139fda6ea91b3db07de8109264ba27a849900c80b80430cb3b9186

yoroi.company Open in urlscan Pro 2606:4700:3035::681f:45d6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

82 %IPv6

8 Domains

13 Subdomains

12 IPs

3 Countries

1851 kBTransfer

3032 kBSize

4 Cookies

6 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

yoroi.company Open in urlscan Pro
2606:4700:3035::681f:45d6 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

82 %
IPv6

8
Domains

13
Subdomains

12
IPs

3
Countries

1851 kB
Transfer

3032 kB
Size

4
Cookies

64 HTTP transactions
0 data transactions