www.welivesecurity.com
Open in
urlscan Pro
2a02:26f0:1700:16::b856:fbd4
Public Scan
URL:
https://www.welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor/
Submission: On September 12 via api from TR — Scanned from DE
Submission: On September 12 via api from TR — Scanned from DE
Summary
This website contacted 13 IPs
in 3 countries
across 9 domains to perform 75 HTTP transactions.
The main IP is 2a02:26f0:1700:16::b856:fbd4, located in
Frankfurt am Main, Germany and
belongs to AKAMAI-ASN1, NL.
The main domain is www.welivesecurity.com.
The Cisco Umbrella rank of the primary domain is 368422.
TLS certificate: Issued by Thawte ECC CA 2018 on January 24th 2023. Valid for: a year.
This is the only time www.welivesecurity.com was scanned on urlscan.io!
TLS certificate: Issued by Thawte ECC CA 2018 on January 24th 2023. Valid for: a year.
This is the only time www.welivesecurity.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 19 | 2a02:26f0:170... 2a02:26f0:1700:16::b856:fbd4 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 12 | 52.142.86.50 52.142.86.50 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 199.232.196.134 199.232.196.134 | 54113 (FASTLY) (FASTLY) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:811::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:800::200e | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2620:1ec:46::45 2620:1ec:46::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 4 | 151.101.192.134 151.101.192.134 | 54113 (FASTLY) (FASTLY) | |
| 3 | 199.232.192.134 199.232.192.134 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
| 18 | 2600:9000:205... 2600:9000:2057:200:6:8656:f5c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:80e::200a | 15169 (GOOGLE) (GOOGLE) | |
| 5 | 2a00:1450:400... 2a00:1450:4001:801::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 75 | 13 |
19
2a02:26f0:1700:16::b856:fbd4
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| www.welivesecurity.com |
12
52.142.86.50
(Dublin, Ireland)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| web-assets.esetstatic.com |
2
2a00:1450:4001:811::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
3
2a00:1450:4001:800::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 19 |
welivesecurity.com
www.welivesecurity.com — Cisco Umbrella Rank: 368422 |
2 MB |
| 18 |
disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 5453 |
358 KB |
| 14 |
esetstatic.com
web-assets.esetstatic.com cdn.esetstatic.com — Cisco Umbrella Rank: 684176 |
546 KB |
| 8 |
disqus.com
welivesecurity.disqus.com disqus.com — Cisco Umbrella Rank: 1230 tempest.services.disqus.com Failed referrer.disqus.com — Cisco Umbrella Rank: 7774 |
56 KB |
| 5 |
gstatic.com
fonts.gstatic.com |
81 KB |
| 4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1977 |
21 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
180 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58 |
1 KB |
| 0 |
go-mpulse.net
Failed
s.go-mpulse.net Failed |
|
| 75 | 9 |
| Domain | Requested by | |
|---|---|---|
| 19 | www.welivesecurity.com |
www.welivesecurity.com
|
| 18 | c.disquscdn.com |
disqus.com
c.disquscdn.com |
| 12 | web-assets.esetstatic.com |
www.welivesecurity.com
|
| 5 | fonts.gstatic.com |
fonts.googleapis.com
|
| 4 | disqus.com |
welivesecurity.disqus.com
c.disquscdn.com |
| 3 | referrer.disqus.com |
www.welivesecurity.com
|
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | cdn.esetstatic.com |
www.googletagmanager.com
|
| 2 | www.googletagmanager.com |
www.welivesecurity.com
www.googletagmanager.com |
| 1 | fonts.googleapis.com |
client
|
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | welivesecurity.disqus.com |
www.welivesecurity.com
|
| 0 | tempest.services.disqus.com Failed |
welivesecurity.disqus.com
|
| 0 | s.go-mpulse.net Failed |
www.welivesecurity.com
|
| 75 | 14 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.welivesecurity.com Thawte ECC CA 2018 |
2023-01-24 - 2024-02-02 |
a year | crt.sh |
| api.cms.eset.com R3 |
2023-09-02 - 2023-12-01 |
3 months | crt.sh |
| *.disqus.com Sectigo RSA Domain Validation Secure Server CA |
2023-04-13 - 2024-04-20 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
| cdn.esetstatic.com Thawte RSA CA 2018 |
2022-11-11 - 2023-11-11 |
a year | crt.sh |
| a.disquscdn.com Amazon RSA 2048 M01 |
2023-08-31 - 2024-09-27 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor/
Frame ID: A6250C5F8FE8B1AE3FBFCE6FD09BB78F
Requests: 46 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B
Frame ID: A8BE5CCFDFFC7826E5146063FA7B4AED
Requests: 1 HTTP requests in this frame
Frame:
https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=Sponsor%20with%20batch-filed%20whiskers%3A%20Ballistic%20Bobcat%E2%80%99s%20scan%20and%20strike%20backdoor&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fsponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor%2F&t_e=29809&t_d=Sponsor%20with%20batch-filed%20whiskers%3A%20Ballistic%20Bobcat%E2%80%99s%20scan%20and%20strike%20backdoor&t_t=29809&s_o=default&l=en
Frame ID: D5361D9CEF433E3FA5F9149B6B5835A1
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoorDetected technologies
Vue.js
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
40 Outgoing links
These are links going to different origins than the main page.
URL: https://research.checkpoint.com/2022/apt35-exploits-log4j-vulnerability-to-distribute-new-modular-powershell-toolkit/
Title: Iran-aligned advanced persistent threat group
Title: Iran-aligned advanced persistent threat group
Search URL Search Domain Scan URL
URL: https://www.cisa.gov/uscert/ncas/alerts/aa21-321a
Title: CISA reported in November 2021
Title: CISA reported in November 2021
Search URL Search Domain Scan URL
URL: https://www.cybereason.com/blog/research/powerless-trojan-iranian-apt-phosphorus-adds-new-powershell-backdoor-for-espionage
Title: PowerLess backdoor
Title: PowerLess backdoor
Search URL Search Domain Scan URL
URL: https://documentation.help/PuTTY/plink-usage.html
Title: Plink
Title: Plink
Search URL Search Domain Scan URL
URL: https://github.com/Ne0nd0g/merlin-agent
Title: Merlin agent
Title: Merlin agent
Search URL Search Domain Scan URL
URL: https://github.com/Ne0nd0g/merlin
Title: open-source post-exploitation C&C server and agent written in Go
Title: open-source post-exploitation C&C server and agent written in Go
Search URL Search Domain Scan URL
URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26855
Title: CVE-2021-26855
Title: CVE-2021-26855
Search URL Search Domain Scan URL
URL: https://github.com/IHosseini083/Host2IP
Title: hostname to an IP address
Title: hostname to an IP address
Search URL Search Domain Scan URL
URL: https://github.com/kost/revsocks
Title: RevSocks
Title: RevSocks
Search URL Search Domain Scan URL
URL: http://adn.bioinfo.uqam.ca/armadillo/index.html
Title: Armadillo PE packer
Title: Armadillo PE packer
Search URL Search Domain Scan URL
URL: https://github.com/ginuerzh/gost
Title: GOST
Title: GOST
Search URL Search Domain Scan URL
URL: https://github.com/jpillora/chisel
Title: Chisel
Title: Chisel
Search URL Search Domain Scan URL
URL: https://enigmaprotector.com/
Title: Enigma Protector software protection
Title: Enigma Protector software protection
Search URL Search Domain Scan URL
URL: https://www.nirsoft.net/utils/web_browser_password.html
Title: password recovery tool
Title: password recovery tool
Search URL Search Domain Scan URL
URL: https://github.com/chop-dbhi/sql-extractor
Title: tool
Title: tool
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/sysinternals/downloads/procdump
Title: ProcDump
Title: ProcDump
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows/win32/wmisdk/wmic
Title: WMIC
Title: WMIC
Search URL Search Domain Scan URL
URL: https://www.eset.com/int/business/services/threat-intelligence/?utm_source=welivesecurity.com&utm_medium=referral&utm_campaign=wls-research&utm_content=sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor/
Title: ESET Threat Intelligence
Title: ESET Threat Intelligence
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/resources/versions/
Title: version 13
Title: version 13
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1595/
Title: T1595
Title: T1595
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1587/001/
Title: T1587.001
Title: T1587.001
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1588/002/
Title: T1588.002
Title: T1588.002
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1190/
Title: T1190
Title: T1190
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1059/003/
Title: T1059.003
Title: T1059.003
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1569/002/
Title: T1569.002
Title: T1569.002
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1543/003/
Title: T1543.003
Title: T1543.003
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1078/003/
Title: T1078.003
Title: T1078.003
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1140/
Title: T1140
Title: T1140
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1027/
Title: T1027
Title: T1027
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1555/003/
Title: T1555.003
Title: T1555.003
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1018/
Title: T1018
Title: T1018
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v13/techniques/T1001/
Title: T1001
Title: T1001
Search URL Search Domain Scan URL
URL: https://www.facebook.com/sharer/sharer.php?u=https://www.welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor/
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor/
Search URL Search Domain Scan URL
URL: https://twitter.com/intent/tweet?url=https://www.welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor/
Search URL Search Domain Scan URL
URL: https://www.eset.com/?utm_source=welivesecurity.com&utm_medium=referral&utm_campaign=autotagging&utm_content=eset-research&utm_term=en
Title: ESET
Title: ESET
Search URL Search Domain Scan URL
URL: https://www.facebook.com/eset/
Search URL Search Domain Scan URL
URL: https://youtube.com/esetglobal
Search URL Search Domain Scan URL
URL: https://twitter.com/ESET
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/eset
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
75 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor/ |
291 KB 41 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-BookLF-405f3258.woff
www.welivesecurity.com/build/assets/ |
163 KB 167 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-BoldLF-31f4bc72.woff
www.welivesecurity.com/build/assets/ |
162 KB 166 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-DemiLF-8885b886.woff
www.welivesecurity.com/build/assets/ |
164 KB 168 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ballistic-bobcat-sponsoring-access-backdoor.jpeg
web-assets.esetstatic.com/tn/-x425/wls/2023/2023-8/ |
50 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
article-header-f26fbc4e.js
www.welivesecurity.com/build/assets/ |
428 B 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-4334a940.css
www.welivesecurity.com/build/assets/ |
296 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Adam-Burgher.jpg
web-assets.esetstatic.com/tn/-x45/wls/2021/06/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
map-apt42-1.png
web-assets.esetstatic.com/wls/2023/2023-8/ |
102 KB 103 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
map-apt42.png
web-assets.esetstatic.com/wls/2023/2023-8/ |
51 KB 51 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
map-apt42-1-2.png
web-assets.esetstatic.com/wls/2023/2023-8/ |
34 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
map-apt42-1-2-3.png
web-assets.esetstatic.com/wls/2023/2023-8/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
map-apt42-1-2-3-4.png
web-assets.esetstatic.com/wls/2023/2023-8/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
map-apt42-1-2-3-4-5.png
web-assets.esetstatic.com/wls/2023/2023-8/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
eset-threat-intelligence.png
web-assets.esetstatic.com/wls/2022/12/ |
83 KB 84 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fantasy-agrius-wiper-supply-chain-attack.jpg
web-assets.esetstatic.com/tn/-x82/wls/2022/12/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
moustache-bouncer-1920x1080.jpeg
web-assets.esetstatic.com/tn/-x82/wls/2023/2023-8/ |
4 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
eset-research-backdoordiplomacy-quarian-turian-apt.jpg
web-assets.esetstatic.com/tn/-x82/wls/2021/06/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
threat_report-62ed83aa.webp
www.welivesecurity.com/build/assets/ |
19 KB 23 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-7a4ecde0.js
www.welivesecurity.com/build/assets/ |
80 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
search-7d9f58b7.js
www.welivesecurity.com/build/assets/ |
276 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_commonjsHelpers-042e6b4d.js
www.welivesecurity.com/build/assets/ |
725 B 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prism-40494b65.css
www.welivesecurity.com/build/assets/ |
2 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prism-40d1b0a4.js
www.welivesecurity.com/build/assets/ |
66 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
article-e3625c4c.css
www.welivesecurity.com/build/assets/ |
23 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
article-36d9172f.js
www.welivesecurity.com/build/assets/ |
140 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
7R9SM-QGSYF-QDLJK-UETXR-SPM6B
s.go-mpulse.net/boomerang/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
671 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-MediumLF-261e3ac5.woff
www.welivesecurity.com/build/assets/ |
166 KB 170 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-BookItalicLF-4cad214a.woff
www.welivesecurity.com/build/assets/ |
162 KB 166 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-BoldItalicLF-ec9eb351.woff
www.welivesecurity.com/build/assets/ |
169 KB 173 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Consolas-58a1668c.woff
www.welivesecurity.com/build/assets/ |
260 KB 264 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
7R9SM-QGSYF-QDLJK-UETXR-SPM6B
s.go-mpulse.net/boomerang/ Frame A8BE |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
embed.js
welivesecurity.disqus.com/ |
78 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-LightLF-ec800a5b.woff
www.welivesecurity.com/build/assets/ |
159 KB 163 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
315 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
218 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.min.css
cdn.esetstatic.com/cookie-consent/v3/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.min.js
cdn.esetstatic.com/cookie-consent/v3/ |
380 KB 139 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
disqus.com/embed/comments/ Frame D536 |
8 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
tempest.services.disqus.com/ads-iframe/taboola/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
tempest.services.disqus.com/ads-iframe/taboola/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
event.gif
referrer.disqus.com/juggler/ |
43 B 339 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
event.gif
referrer.disqus.com/juggler/ |
43 B 339 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 259 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lounge.load.f9c4c75bd5c23dc9bd1f32eaaba242db.js
c.disquscdn.com/next/embed/ Frame D536 |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.bundle.f2a270bb37834887ad900431f6cb27eb.js
c.disquscdn.com/next/embed/ Frame D536 |
280 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame D536 |
233 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lounge.bundle.574713473abf916854d0e3a42b4a248d.js
c.disquscdn.com/next/embed/ Frame D536 |
513 KB 129 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.js
disqus.com/next/ Frame D536 |
19 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
details
disqus.com/api/3.0/forums/ Frame D536 |
4 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ Frame D536 |
11 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loadReactions
disqus.com/api/3.0/threadReactions/ Frame D536 |
1 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/forums/215/2520/ Frame D536 |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame D536 |
13 KB 13 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame D536 |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame D536 |
840 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame D536 |
891 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame D536 |
605 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame D536 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame D536 |
8 KB 8 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D536 |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D536 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D536 |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D536 |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D536 |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
upvote-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame D536 |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
funny-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame D536 |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
love-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame D536 |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
surprised-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame D536 |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
angry-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame D536 |
20 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sad-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame D536 |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
event.gif
referrer.disqus.com/juggler/ Frame D536 |
43 B 339 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- s.go-mpulse.net
- URL
- https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B
- Domain
- s.go-mpulse.net
- URL
- https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B
- Domain
- tempest.services.disqus.com
- URL
- https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=welivesecurity&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%230d6efd&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fsponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fsponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor%2F&disqus_version=current
- Domain
- tempest.services.disqus.com
- URL
- https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=welivesecurity&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%230d6efd&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fsponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fsponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor%2F&disqus_version=current
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| $current_language object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart function| disqus_config object| dataLayer number| uidEvent object| __VUE_INSTANCE_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__ object| DISQUS object| Prism object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady string| myDomain object| links object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime boolean| cookie_debug number| BOOMR_onload object| $cookiebar3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .welivesecurity.com/ | Name: _gid Value: GA1.2.780495654.1694484673 |
|
| .welivesecurity.com/ | Name: _ga Value: GA1.2.1302522921.1694484673 |
|
| .welivesecurity.com/ | Name: _ga_FBY6B30C4M Value: GS1.1.1694484672.1.0.1694484673.0.0.0 |
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'none'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'none'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default; |
| Strict-Transport-Security | max-age=15724800 |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.disquscdn.com
cdn.esetstatic.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
referrer.disqus.com
region1.google-analytics.com
s.go-mpulse.net
tempest.services.disqus.com
web-assets.esetstatic.com
welivesecurity.disqus.com
www.google-analytics.com
www.googletagmanager.com
www.welivesecurity.com
s.go-mpulse.net
tempest.services.disqus.com
151.101.192.134
199.232.192.134
199.232.196.134
2001:4860:4802:34::36
2600:9000:2057:200:6:8656:f5c0:93a1
2620:1ec:46::45
2a00:1450:4001:800::200e
2a00:1450:4001:801::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2008
2a02:26f0:1700:16::b856:fbd4
52.142.86.50
0421af2e4ddea7340d1703f16de8be9871c993721b04a5d3be0fce9aa8cce73e
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
079767d1e1f7fb68698e4015d2ccd28cd11a6c2f5da5f70620f9abf2e69482ac
0bc3f92dc96660c065730c77963fb93c77d4a188cac56dfb42027c021b3bfc69
108cf59bed7ca75530e3d60e2155ef33a7be8cd2ca9435dfeac9102d8a9b7b2c
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a
17dfdeb0ea6a4edf44cba4f38a953e89af8094d116796ef91157a2a86a459a1a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1db3c6e3e3e0bfd9b41166c05b1e9ee28fd2cee985538e86d55d3282f0ccdb81
20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd
261e3ac5dbb4ba8069ecba539a13b971d2e147981f4573e993410d8bd6de0037
2704e5c726dd0d45a31705515f4a2bf97a243631ebce450b50a4dcbdd19ae430
27d64a262c25a8413b75c36c5f2df89d8af29c4297c07506b994ed67fea91a23
29468183b9731a01683ea00107c2985b45e12fb75cc6f358076680a6ff06e74e
2dd4f0de7b9c5040cb096139a80dba2da3afea7b74208b23a1cbc15d3120ab04
31f4bc726f2849a3c8f77f8432b635d2d4529a3ff80b669fc9e21b0ed1c81ea7
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
37550ade1724cca729c232844026303ffc47fe4411565977929110da29cdc20b
40494b653a0f9485c88432191eaace18e7dff8646f45114d6007fe19da129e34
405f32580b4440f0ddf2af9fcfd37fc9a863fde26b57b5623a9b188d61d47166
4334a940c52a819d70930ee33e3b6cbfdc4b72bf9d2021c8cb064239fc7f5718
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4cad214a2eeb48599ea314d32d2685f6554fe548be21add2f606db059530506e
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
4f36f428f56fa9cb889a0a81ce9946382bc01e4b13fdd34a5132e623c819d6d0
52b23ed5afe0b2149a5c454ef1ff3431139c2fc9bbc55755269e28684a9df443
547d64d9586e701e83fd750596ba4ad00437294bbb2377e68d38823b0d097911
58a1668cd118c21300e88b973c712f2dbc95a8cae66ee0f92f45c976db327dcf
595bb48603d501412762f295f3b659ebe9486a08f91e871bdc6999a1755e434e
5ccf555a71073c89180947bce7328adf72a3ba726c04548356c916f61e5fcd2b
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
62ed83aaae9dfcb27b61d8119a0682a3f9f7e24fe8daf7049bd8709ed84ee8f1
644fbb688b94c602990a4988d379d439a5151ea782e06496cb6347cbbb64e49d
6572478fbf8e29ee8109a22286fd9f82330fae739c518b58d5f37df25e17ea37
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8885b88667beb8538140ecc550853e59d12e85fbd73dd70d4487b6cc757d8a2b
8b67a0820b92ad626dd7204b203736274c68fa2cb1a107077d571e60f6dedf96
8f392bee1d2418d564d359de53a54a262c74c466d8be343a77e8ce7acfd636c5
956f61e41e263b6074a58cbcb2eb181014e8c8e277388ebd98cc0d59921577f4
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9776fb3c3366aeb04a550162caf3ac80ae37cf0e8aa0f36b59a4ddfe17af623d
9abd76a570978a6e72fbed97f1142cb2e7b4fa20b22a1241fefbce251416bf7e
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a7b3b6d6219d7bb276d43efada986ac176beee5b9369dc61812a2b67ce41bf14
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bb6dab2748e75bde396e720d8cc053ef2f9106444c6ba361f9c08b0be9e15d71
bb8a336cfb6fcec28ed454e668fd8a8cd440cb81544266cdb2cc79824fc49166
cf1a7be1e5208f16ac7fd06435fdc6949a3e1751ed6c8745d2c18059ab45f9ad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1dd2f076f939dfd22b022f127eefd5024ff03e6bdf4c6dba944768742d8ec5c
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984
ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018
ddf0e65e326bc99627ac2d1df7babf8780bb64fe4fa08bb1a0e5d772fb2e3c94
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3136ed18810649908a21e1af3d5ed10eb6f0b06f8e7653362e2303870aaf8b8
e3625c4c1b10a8e8b5fb271f45549d6d68e0a9c462062fc927709ea7ab285ca5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
e9ba1c6efe3620ee2dd5ccbccfdb69e603461c6affbeeeddacd5f8cef46696fa
ec800a5bcb2d4e57adcc0c7ec3d69427ac3e392d4a0302891dd76fb80ffd0bfd
ec9eb3515b0c462b663eb6e45a8c8d3de6993077cac8f05f30fbce263d1659c3
ed915d2176566b841f0e01e7632ce7a20b023cbcb4f5976a6015284fccd8a865
f0d3cfcb7df16f94bd2549e5bc55f04fc316c9843c3bd4a9ad87313f66b66f78
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615