Submitted URL: https://get-pdfs.com/twitter/livres/124801/675
Effective URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=...
Submission: On December 18 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 1 country across 10 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3032::6815:5fc7, located in United States and belongs to CLOUDFLARENET, US. The main domain is multimedia-vault.net.
TLS certificate: Issued by GTS CA 1P5 on November 27th 2023. Valid for: 3 months.
This is the only time multimedia-vault.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 162.244.32.180 14576 (HOSTING-S...)
1 1 34.96.122.41 396982 (GOOGLE-CL...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 54.162.153.222 14618 (AMAZON-AES)
3 2606:4700:303... 13335 (CLOUDFLAR...)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
29 8
Apex Domain
Subdomains
Transfer
13 content-loads.com
cdn.content-loads.com — Cisco Umbrella Rank: 410616
190 KB
5 trk-keingent.com
trk-keingent.com — Cisco Umbrella Rank: 28022
event.trk-keingent.com — Cisco Umbrella Rank: 67447
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 multimedia-vault.net
multimedia-vault.net
5 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
147 KB
2 get-pdfs.com
get-pdfs.com
976 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 bluelinknow.com
go.bluelinknow.com
686 B
1 u1pmt.com
t.u1pmt.com
729 B
1 a2adjk.com
www.a2adjk.com
571 B
29 10
Domain Requested by
13 cdn.content-loads.com multimedia-vault.net
cdn.content-loads.com
4 event.trk-keingent.com cdn.content-loads.com
3 www.google-analytics.com www.googletagmanager.com
cdn.content-loads.com
3 multimedia-vault.net get-pdfs.com
cdn.content-loads.com
2 www.googletagmanager.com multimedia-vault.net
www.googletagmanager.com
2 get-pdfs.com get-pdfs.com
1 trk-keingent.com cdn.content-loads.com
1 fonts.googleapis.com cdn.content-loads.com
1 go.bluelinknow.com 1 redirects
1 t.u1pmt.com 1 redirects
1 www.a2adjk.com 1 redirects
29 11

This site contains no links.

Subject                  Issuer                   Validity                 Valid
sipimu.in                R3                       2023-12-12 - 2024-03-11  3 months
multimedia-vault.net     GTS CA 1P5               2023-11-27 - 2024-02-25  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2023-01-27 - 2024-01-26  a year
*.google-analytics.com   GTS CA 1C3               2023-11-20 - 2024-02-12  3 months
upload.video.google.com  GTS CA 1C3               2023-11-20 - 2024-02-12  3 months
trk-keingent.com         GTS CA 1P5               2023-12-01 - 2024-02-29  3 months

This page contains 1 frame:

Primary Page: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Frame ID: D8AD590CB94B274F01BACEB5A97106E4
Requests: 27 HTTP requests in this frame

Page Title

Unlock your favorite content now!

Page URL History

  1. https://get-pdfs.com/twitter/livres/124801/675 Page URL
  2. http://get-pdfs.com/r.php?g=livres&i=124801&fr=twitter.com&d=2023-11-07&v=&n=&r= Page URL
  3. https://www.a2adjk.com/cmp/MPTTX41/5ZK2T/?source_id=bb&sub1=Fancy+Bear+Goes+Phishing++-+The+Dark+Hi... HTTP 302
    https://t.u1pmt.com/click?pid=347&offer_id=686&ref_id=a32687fdc87b47fca100b14d2e5681b6&sub1=1857... HTTP 302
    https://go.bluelinknow.com/t/clk?id=vKH9LMLsvqfyVwC2&s1=658061d2067ca00001853c3f&s2=185721076bb&s8=Fanc... HTTP 302
    https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&network... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

93 %
HTTPS

73 %
IPv6

10
Domains

11
Subdomains

8
IPs

1
Countries

369 kB
Transfer

1144 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://get-pdfs.com/twitter/livres/124801/675 Page URL
  2. http://get-pdfs.com/r.php?g=livres&i=124801&fr=twitter.com&d=2023-11-07&v=&n=&r= Page URL
  3. https://www.a2adjk.com/cmp/MPTTX41/5ZK2T/?source_id=bb&sub1=Fancy+Bear+Goes+Phishing++-+The+Dark+History+of+the+Information+Age%2C+in+Five+Extraordinary+Hacks HTTP 302
    https://t.u1pmt.com/click?pid=347&offer_id=686&ref_id=a32687fdc87b47fca100b14d2e5681b6&sub1=185721076bb&sub8=Fancy+Bear+Goes+Phishing++-+The+Dark+History+of+the+Information+Age%2C+in+Five+Extraordinary+Hacks HTTP 302
    https://go.bluelinknow.com/t/clk?id=vKH9LMLsvqfyVwC2&s1=658061d2067ca00001853c3f&s2=185721076bb&s8=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks HTTP 302
    https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
675
get-pdfs.com/twitter/livres/124801/
189 B
384 B
Document
General
Full URL
https://get-pdfs.com/twitter/livres/124801/675
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.244.32.180 Santa Clara, United States, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 15:14:25 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
r.php
get-pdfs.com/
267 B
592 B
Document
General
Full URL
http://get-pdfs.com/r.php?g=livres&i=124801&fr=twitter.com&d=2023-11-07&v=&n=&r=
Requested by
Host: get-pdfs.com
URL: https://get-pdfs.com/twitter/livres/124801/675
Protocol
HTTP/1.1
Server
162.244.32.180 Santa Clara, United States, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 15:14:25 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Primary Request unlock-content-now
multimedia-vault.net/en_us/
Redirect Chain
  • https://www.a2adjk.com/cmp/MPTTX41/5ZK2T/?source_id=bb&sub1=Fancy+Bear+Goes+Phishing++-+The+Dark+History+of+the+Information+Age%2C+in+Five+Extraordinary+Hacks
  • https://t.u1pmt.com/click?pid=347&offer_id=686&ref_id=a32687fdc87b47fca100b14d2e5681b6&sub1=185721076bb&sub8=Fancy+Bear+Goes+Phishing++-+The+Dark+History+of+the+Information+Age%2C+in+Five+Extraordi...
  • https://go.bluelinknow.com/t/clk?id=vKH9LMLsvqfyVwC2&s1=658061d2067ca00001853c3f&s2=185721076bb&s8=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%...
  • https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The...
16 KB
5 KB
Document
General
Full URL
https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Requested by
Host: get-pdfs.com
URL: http://get-pdfs.com/r.php?g=livres&i=124801&fr=twitter.com&d=2023-11-07&v=&n=&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5fc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90de6eb3d1990d6dabe460d101d80570c10b92fb75537c6b5235046cc561afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://get-pdfs.com/r.php?g=livres&i=124801&fr=twitter.com&d=2023-11-07&v=&n=&r=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83785b069ca30a12-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 15:14:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftXProOHzWksP3G%2BRhcr6tmgKR%2Fq4AhyOfrv1B7EIyROWxbKnSjnaVIP4SidN5lE2FGHTRBclBVDVtpbGD1geqhDM9Yx2uhpeup%2BlKniRoyDWdiqL%2FYSDMZPnh1vX5hd%2FHKtF4QcA57Ge6LdTpTtirfwcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload

Redirect headers

cache-control
no-transform
content-language
en
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 15:14:26 GMT
location
https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
server
nginx/1.14.2
vary
Accept-Language, Cookie, Origin
x-frame-options
SAMEORIGIN
styles.css
cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/main/
74 KB
16 KB
Stylesheet
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/main/styles.css
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e45ef089970f573a7177bf070676731edf0a1697a43ede84179b2a6531b5fab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4840
cf-polished
origSize=94269
cf-bgj
minify
last-modified
Wed, 06 Sep 2023 14:22:07 GMT
server
cloudflare
etag
W/"64f88b0f-1703d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSygAbD%2FKKIrMV1fWTkTb0ykoS5vgmDHuuO2NcIJOUgB1Gw6essu7bzYO1ojmWXgOWJ2LjqOgcGCvYCrMMDIMduxjyuW%2FWjqqi7umcsCPQX5%2FZM8S%2F9sCv0cnw6RJcXwjetp7CspuedikKqzK%2FSgwId24A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83785b093c6a7430-MIA
layout.css
cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/layout/
17 KB
4 KB
Stylesheet
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/layout/layout.css
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b298fa6fc903ba304243a8bfe3f6366c78eea754e60166bb1178affa1bdc492

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4840
cf-polished
origSize=21326
cf-bgj
minify
last-modified
Wed, 06 Sep 2023 14:22:07 GMT
server
cloudflare
etag
W/"64f88b0f-534e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcWynfIkWTOsNIMGWCYVAIdc%2FKtxkV6984nAFJgiPUWEKQIwBLtH6CCeL2u%2B6xNMegHfpwXCioVckqV5VsXhZjNLfBhYxEuFQhGDYRM450kFfqxCCPk5756mAbcpGmP%2Fx%2Bd1WYti6yJ8XjXkobZ001fQww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83785b093c6f7430-MIA
unlimited-soft.css
cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/
10 KB
2 KB
Stylesheet
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eaee480993414a7e5efd302d2ba98922b0d8e7372c8484dcfa7b25094290fe9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4840
cf-polished
origSize=12316
cf-bgj
minify
last-modified
Wed, 06 Sep 2023 14:22:07 GMT
server
cloudflare
etag
W/"64f88b0f-301c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1jDq71UhaUuQie7I%2BA67%2BNzJb4icv9248mztB8ZziYOr08YoZwEmJwL%2BHX%2BfUo1pWcsUbiC0IjB%2BzP3e2fX%2BP%2FXdFLFdqgQB0t7LixA3Dhyt0iDSRS9KIlXcdmdWi%2Bov5O%2FCbDvzu81FHLQaQVKHSkxcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83785b093c697430-MIA
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-195162716-6
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cc171d97e2b3aef462fe458065dec7fbaaf7d8c1c4965e8ca7c320889ce8832
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68971
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 15:14:27 GMT
18e8c55ad549933e62ee40b8c7adbdd0.png
cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/
3 KB
3 KB
Image
General
Full URL
https://cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/18e8c55ad549933e62ee40b8c7adbdd0.png
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69bec757694a537e73efba217eaca74df87935a063fe5c6a25f22c7e196f6520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Sep 2023 08:46:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
619
etag
"64f1a4fa-ca3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug39kzVGtw7%2FNGcrcDM5eCO4A1GjKIB5DP7RDNPsBaR7uXTnpUf830vvEO9EET%2FAUGtLBXFtKe0JilEu5CRvchDTLcLY5huk%2FSKh7EC0mB1fsAQKBeHcrygtYfoQA4Um%2F8OBhTiJ8we5IwXmpnQSOob1hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83785b093c707430-MIA
content-length
3235
2f40fa92fce11c340f70807da03ac0b2.png
cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/
971 B
1 KB
Image
General
Full URL
https://cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/2f40fa92fce11c340f70807da03ac0b2.png
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44990fb54269fdec9302792e2c01543679151dbfb279e63089e28656884b3794

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Sep 2023 08:46:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6208
etag
"64f1a4fa-3cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FipkMc76AVgIBAi0I4vmsEfg%2Bg1dIFsCtcJ0YYhHIYtF7Pgg02uOCnW7PCukP%2F0C9YVKhjcGPOU%2BEUwCL3d3Bn2gEDFe%2Bys0iyse%2BcrIIBrYkPN3X7ItI%2BkTaa%2F3FVjFfxqooT3EPsr%2BP7Qu32WopfoCow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83785b093c717430-MIA
content-length
971
card-success-img.png
cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/
5 KB
6 KB
Image
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-success-img.png
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5b88dcdde24064831192cf91da1261929edd43ccd2109c9f48a657b6347dca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64f88b0f-159c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tePMzoyAQ%2BzHKbrTiINuHkXCjm1FV5iyX3Ljz3PEKaWPTbLFLoO%2B1O%2FN5JXGIUv0UM6%2BHArGENtOqM3Is%2FLWVcacuqrJenPKBX4lAhEUEg8isrxtSGehQyBP8z9vKpj6t92KSHXq%2Bfx5qZRiVD7QG2%2B7fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83785b097cd67430-MIA
content-length
5532
card-declined-img.png
cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/
5 KB
6 KB
Image
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-declined-img.png
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8b45a0089c9ee6f6e4afd93b2468f0e2b6e970d02745747ebc93440e6baacc1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64f88b0f-15cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUp34YLooGoU5DOnTl2AlVayEsXiq%2BGicaYKvZkPd2L59kSb%2BOET%2FP0IRYRL2BnBni5IUF7LtE%2ByIe%2FJNl1B%2BVlRul3gZHE7BFOxOByaKbM9ayI5baAPqQdp4TdtJtNL6qvwvPeFQArLMDxbDUh04zGRCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83785b097cd77430-MIA
content-length
5580
email-existed-img.png
cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/
6 KB
6 KB
Image
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/email-existed-img.png
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1ad81b346d3ee6d36229c7542e9bbd051e58de0c434b7f97cd01bddcd9d678

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64f88b0f-177e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFAjB1wW2g55GiZFTeHSvDsG%2Bhtb0pyKGUl8VX6EkGBjY2Y7%2FDZQhX7%2BaNL3kOoVrLm8bt%2BkUVUDeF1Aoc9ANb%2BfZG2GObv0KihV9EvpfAy1ENX4XB14zs7fjKOy1TEu%2Fkflx7%2FODwrac42UwTCyRalhZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83785b0a7e177430-MIA
content-length
6014
vendors.js
cdn.content-loads.com/prod/landings/assets/common/common/dist/
468 KB
116 KB
Script
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bc04b5c156dc9ff348d767fe5a0097f4d208485593e1663e2323460d0f38a21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2607
cf-polished
origSize=479186
cf-bgj
minify
last-modified
Mon, 18 Dec 2023 11:58:45 GMT
server
cloudflare
etag
W/"658033f5-74fd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkogdJp%2FJslzznW1qF6AXhJ2DYoFejRJy38uJTkl9C2%2FW%2BQFCJuD0HaJoa9UKhjWy1eBKQXUrndU9l2kaRqDj7s6Zw9DcvKP3hBPiNV8ow9LP%2B6hiboT4GMfo9wIODqMc%2FS5QzYYnSBXl8ngqBOW0REBHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83785b0b4f467430-MIA
bundle.js
cdn.content-loads.com/prod/landings/assets/common/common/dist/
45 KB
14 KB
Script
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
588c4321edb781037bae2049647d3b6dcd52ad445225360ef246c3243633b980

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 18 Dec 2023 11:58:45 GMT
server
cloudflare
age
2607
etag
W/"658033f5-b4ca"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHeiSlDeTgMLNwXGQloTSr4sr3WUtfKqY7PY%2FiausC5qe%2Fams%2FU57fQwvnjr6WHE8eKOQv4q9T72F4%2FP8oEG%2F95N2xUuy%2BJpoVyGOHQoFtrTOrcsIzjoO76QnixRP38gEPDbttNDxTS5ATKc1dxIAebG5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83785b0b4f487430-MIA
scripts.js
cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/
213 B
487 B
Script
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/scripts.js
Requested by
Host: multimedia-vault.net
URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24fb42315d0ae1815b03842655cb8c712a1237ebaa3e93b14997704e4bdca2e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4839
cf-polished
origSize=279
cf-bgj
minify
last-modified
Wed, 06 Sep 2023 14:22:07 GMT
server
cloudflare
etag
W/"64f88b0f-117"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KZ6h7GuBIIQd19gPfoTVix7vGekYdr%2B%2B1%2BJBPfV2rOwtVV2cwaOxAF9cSxa35%2BHUrmSnRYSim4Z2bm6UUofGqdmMpl2HVuMfM8gT2OmN5bSM4Yhr%2FfcMoTgTgCQQG9Qfcz5HA4AuHtKDpqDmn5oIinD6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83785b0b4f497430-MIA
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: cdn.content-loads.com
URL: https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/main/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.content-loads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 15:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 14:46:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 15:14:27 GMT
poppins-600.woff2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/
8 KB
8 KB
Font
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-600.woff2
Requested by
Host: cdn.content-loads.com
URL: https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Request headers

Referer
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css
Origin
https://multimedia-vault.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2872
etag
"64f88b0f-1f34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHKal3hRbij83suT7ZDSyHRmzIoSBsEBkWtMmhA%2BwkJdOJbtn%2FBWyb0Wo%2F8NCATNVUKOfvmsmbNBQBb8%2BHGQhATD34Q3VxxcmYyDcZpMhugoGBJ44tKjjFd05eCUTQuOYWEBJldN7vbrnf9SXvQPvvJIaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83785b0bac3374ba-MIA
content-length
7988
poppins-regular.woff2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/
8 KB
8 KB
Font
General
Full URL
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-regular.woff2
Requested by
Host: cdn.content-loads.com
URL: https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Request headers

Referer
https://cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css
Origin
https://multimedia-vault.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4611
etag
"64f88b0f-1edc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxnSwqgbYrB2Al2dYSaaqKvJxtk5vJverLm0H%2BVvKSjH%2FUQ%2FmQAkxUGgRmlDR6SMWhS7QH6D5zu7RQxmVkc66eNaB5Z%2FPmo6RooKXulpDKzZl2lOQE7WK3ELH%2FkT6FTc7wdg0KxZ4I8CANN%2BQPxcqikI%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83785b0bac3474ba-MIA
content-length
7900
w2dqyovgpj
trk-keingent.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://trk-keingent.com/scripts/push/script/w2dqyovgpj?url=multimedia-vault.net
Requested by
Host: cdn.content-loads.com
URL: https://cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2ffce98b87c38c4611a30810ae8132f4d5ab1c42d32cf5f278e05f8ec45a01e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:27 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6831
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Dec 2023 13:20:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8G0oBweJMvIVYAAlT22VKueTvGrXY7kBkM6X00N4QIdM8xtryc7J%2FlDGwjfc5m20OlFhz5VItG9x1139%2B%2B8PI5VgFkIpBbzEWJlt1logzeoknArwhWzIRFPFCm%2BPLCLNAK%2BeMJgOuy3b0GsdvAl"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
83785b0c6936222d-MIA
expires
0
prefill
multimedia-vault.net/lead/
64 B
399 B
XHR
General
Full URL
https://multimedia-vault.net/lead/prefill
Requested by
Host: cdn.content-loads.com
URL: https://cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5fc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8c78e450324ab7e738926547a4fefe1a2d59801c07d7c96ba6e48c53d248b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 18 Dec 2023 15:14:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVw0o7J4O00GLPRZ07XVhxrmpZhuTyLefF55I%2FX8gxMNj83qgZc802bDlQqyid8ErylejuYztTHIS8LKQyZsrZZEmn%2BGPiCb26V3Jry6HSjtEy1yk%2FQ2n191bwF6%2FR%2BWQXixEfWchmU%2F1Rf9j5GHL2rHNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cf-ray
83785b0c3d420a12-MIA
alt-svc
h3=":443"; ma=86400
track
multimedia-vault.net/web-push/
0
0
Fetch
General
Full URL
https://multimedia-vault.net/web-push/track
Requested by
Host: cdn.content-loads.com
URL: https://cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5fc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 18 Dec 2023 15:14:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iSssxXTukLBpzVDuLVfNw4jKJskpoHicJ7i0aBmTUYfL%2BCw4e801kux4x9lBJgN%2Fkfbtb3UthEzZeEj7GdMH7JOHsdUAUGaR0OEAurwQNBB%2BbOx6fFervorziEepLM0YynrRqZrO1BGCMDid%2FdHV5FQLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
83785b0cafbf370a-MIA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
224 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195162716-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7da9afe1c270a583b14105ac7154fa925b82b0b6f8a06c2e64ed56f63abf38c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:14:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81180
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 15:14:28 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195162716-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Dec 2023 15:08:19 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
369
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 18 Dec 2023 17:08:19 GMT
02eyjqn0ek
event.trk-keingent.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-keingent.com/register/event_log/02eyjqn0ek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://multimedia-vault.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83785b0e59a74c04-MIA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Mon, 18 Dec 2023 15:14:28 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IshSKuWKhsHKRKoK6pRvoUK4DuMJ0BkQknma2swk9WfNWEuh9jOum6mbjzMDuKcCQ65VvJGr8CgxmbogJbQLqsQYV97yAv6ppARVRgjdlge%2B%2F09C5Yhfvvfdzw8qOmqEwxXlIH8eX1m2ZOnTzHtSudGU7jP8"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
02eyjqn0ek
event.trk-keingent.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-keingent.com/register/event_log/02eyjqn0ek
Requested by
Host: cdn.content-loads.com
URL: https://cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://multimedia-vault.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 18 Dec 2023 15:14:28 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0O5b4gBOgIavhtC9tlhHNdZovabUNLP9tC%2BnCpjh%2Fhpiz%2FBKFhWpw1OpgZquQCOQNj91Apn6yNfcjK%2BVzTNEL%2BsuHDoPFdKdaU7XxLVqbcNSM3YlSgCqns49PeTk2UplR6ipCr2PpCrOIrEijX15kg%2BUF53"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
83785b0eba104c04-MIA
x-pushplatformapp-params
02eyjqn0ek
event.trk-keingent.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-keingent.com/register/event_log/02eyjqn0ek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://multimedia-vault.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83785b0e59a94c04-MIA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Mon, 18 Dec 2023 15:14:28 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tttNDr46nsk6nscAW0RjRomRBR%2BXKYihB170d4i8G345NZqqCWJL%2Bj4YYPmAGqPM95MmbYaoIhxO5LFxw70ODWh58SyNBQaSNzTmTkp9lYjEAxjEA51vpQ8sOv%2BbICYEZvaE8Woqbwohrdula5t758vN9iAu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
02eyjqn0ek
event.trk-keingent.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-keingent.com/register/event_log/02eyjqn0ek
Requested by
Host: cdn.content-loads.com
URL: https://cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://multimedia-vault.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 18 Dec 2023 15:14:28 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiewLQGp3BbZ7WWQKBe%2B4oxt1Wx%2BiYa9obaGogpMHNI%2FQblTjCZGxBrL7cxSuEtW6E7S0Ve2WCPnFbBl5EgyO7V4tDksGIy4Zzr0G2aAUSv4yEGXUsdy7VqIi75CVz%2Fx4XjNJAkbPsz4hMW2nIZ54L%2F04WvR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
83785b0eba174c04-MIA
x-pushplatformapp-params
collect
www.google-analytics.com/g/
0
174 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CK9NSGSVJF&gtm=45je3bt0v9124051649&_p=1702912467708&gcd=11l1l1l1l1&dma=0&cid=1749668770.1702912468&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702912468&sct=1&seg=0&dl=https%3A%2F%2Fmultimedia-vault.net%2Fen_us%2Funlock-content-now%3F%26subid%3Dc5b6d907-2e24-4f68-a5cd-80aebde35ba0%26networkid%3D200347%26publisher%3D185721076bb%26isNewTr%3D1%26stream%3DFancy%2520Bear%2520Goes%2520Phishing%2520%2520-%2520The%2520Dark%2520History%2520of%2520the%2520Information%2520Age%2C%2520in%2520Five%2520Extraordinary%2520Hacks&dr=http%3A%2F%2Fget-pdfs.com%2F&dt=Unlock%20your%20favorite%20content%20now!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2227
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multimedia-vault.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 15:14:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://multimedia-vault.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
91 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=380646561&t=pageview&_s=1&dl=https%3A%2F%2Fmultimedia-vault.net%2Fen_us%2Funlock-content-now%3F%26subid%3Dc5b6d907-2e24-4f68-a5cd-80aebde35ba0%26networkid%3D200347%26publisher%3D185721076bb%26isNewTr%3D1%26stream%3DFancy%2520Bear%2520Goes%2520Phishing%2520%2520-%2520The%2520Dark%2520History%2520of%2520the%2520Information%2520Age%2C%2520in%2520Five%2520Extraordinary%2520Hacks&dr=http%3A%2F%2Fget-pdfs.com%2F&ul=en-us&de=UTF-8&dt=Unlock%20your%20favorite%20content%20now!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=360599900&gjid=1597453753&cid=1749668770.1702912468&tid=UA-195162716-6&_gid=640790622.1702912468&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=404078677
Requested by
Host: cdn.content-loads.com
URL: https://cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://multimedia-vault.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 15:14:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://multimedia-vault.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| LandingConfig string| backRedirect string| clickToSmsCode string| externalId number| landingHotjar boolean| isAllowed string| landingJson string| formJson function| gtag object| dataLayer object| webpackChunkassets function| Inputmask object| __SENTRY__ function| $ function| jQuery function| Landing function| EmailComplete function| Validator function| Form function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

13 Cookies

Domain/Path Name / Value
get-pdfs.com/ Name: s
Value: 0
get-pdfs.com/ Name: f
Value: 0
www.a2adjk.com/ Name: uniqueClick_5ZK2T
Value: ca77c3bb-3bd5-49d6-b300-568e4337d044:1702912466
www.a2adjk.com/ Name: transaction_id
Value: a32687fdc87b47fca100b14d2e5681b6
t.u1pmt.com/ Name: afclick
Value: 658061d2067ca00001853c3f
t.u1pmt.com/ Name: afoffers
Value: {"686":1702912466}
go.bluelinknow.com/ Name: uip
Value: "[\"ieF3GRQJ\"\054 {\"OQ2j\": \"dkyvZEA\"}]:1rFFK6:B4KHHXb8LESw9p8aq1n4cDGdSaA"
go.bluelinknow.com/ Name: ydt_a31a0322edef4efaa328c3e667d70925
Value: "[\"c5b6d907-2e24-4f68-a5cd-80aebde35ba0\"]:1rFFK6:nZE25mJvSpMHrCLL00aQN3AbLBM"
multimedia-vault.net/ Name: visitInfo::6573
Value: 10aefaa8ee7f62f642647feed40fef7dc036085b576dd9f0f48339ab890d554aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22dbbc5a04777d3167622a76da37c1bcad%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A11%3A%22185721076bb%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22c5b6d907-2e24-4f68-a5cd-80aebde35ba0%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
.multimedia-vault.net/ Name: _ga_CK9NSGSVJF
Value: GS1.1.1702912468.1.0.1702912468.0.0.0
.multimedia-vault.net/ Name: _ga
Value: GA1.2.1749668770.1702912468
.multimedia-vault.net/ Name: _gid
Value: GA1.2.640790622.1702912468
.multimedia-vault.net/ Name: _gat_gtag_UA_195162716_6
Value: 1

1 Console Messages

Source Level URL
Text
other error URL: https://multimedia-vault.net/en_us/unlock-content-now?&subid=c5b6d907-2e24-4f68-a5cd-80aebde35ba0&networkid=200347&publisher=185721076bb&isNewTr=1&stream=Fancy%20Bear%20Goes%20Phishing%20%20-%20The%20Dark%20History%20of%20the%20Information%20Age,%20in%20Five%20Extraordinary%20Hacks
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
