URL: https://occamsec.com/scattered-spider-iocs/
Submission: On August 24 via manual from NO — Scanned from NO

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 50 HTTP transactions. The main IP is 104.154.87.116, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is occamsec.com.
TLS certificate: Issued by R3 on August 11th 2023. Valid for: 3 months.
This is the only time occamsec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 104.154.87.116 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
1 18.66.97.10 16509 (AMAZON-02)
2 35.171.30.244 14618 (AMAZON-AES)
1 52.222.236.122 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
50 13
Apex Domain | Subdomains | Transfer
33 occamsec.com | occamsec.com | 1 MB
3 hubspot.com | api.hubspot.com — Cisco Umbrella Rank: 4874; track.hubspot.com — Cisco Umbrella Rank: 2345 | 2 KB
2 lltrck.com | lltrck.com — Cisco Umbrella Rank: 29324 | 7 KB
2 hotjar.com | static.hotjar.com — Cisco Umbrella Rank: 740; script.hotjar.com — Cisco Umbrella Rank: 946 | 59 KB
2 usefathom.com | cdn.usefathom.com — Cisco Umbrella Rank: 17444 | 3 KB
2 hs-scripts.com | js.hs-scripts.com — Cisco Umbrella Rank: 2439 | 2 KB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 37 | 251 B
1 hs-banner.com | js.hs-banner.com — Cisco Umbrella Rank: 2212 | 20 KB
1 hs-analytics.net | js.hs-analytics.net — Cisco Umbrella Rank: 2207 | 21 KB
1 usemessages.com | js.usemessages.com — Cisco Umbrella Rank: 4796 | 22 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 48 | 89 KB
50 11
Domain Requested by
33 occamsec.com occamsec.com
2 api.hubspot.com js.usemessages.com
2 lltrck.com occamsec.com
2 cdn.usefathom.com occamsec.com
2 js.hs-scripts.com occamsec.com
1 track.hubspot.com
1 www.google-analytics.com www.googletagmanager.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com occamsec.com
1 www.googletagmanager.com occamsec.com
50 13

This site contains links to these domains.

Domain
www.incenter.ai
www.linkedin.com
twitter.com
wordpress.org
Subject | Issuer | Validity | Valid
occamsec.com | R3 | 2023-08-11 - 2023-11-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-03 - 2024-05-02 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
cdn.usefathom.com | R3 | 2023-07-18 - 2023-10-16 | 3 months
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
lltrck.com | Amazon RSA 2048 M02 | 2023-07-26 - 2024-08-23 | a year
hubspot.com | Cloudflare Inc ECC CA-3 | 2023-02-05 - 2024-02-05 | a year

This page contains 1 frame:

Primary Page: https://occamsec.com/scattered-spider-iocs/
Frame ID: 23ABBAD34A3CEA3087CD453A0C2E3F00
Requests: 52 HTTP requests in this frame

Page Title

Scattered Spider IOCs - OccamSec

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 50
HTTPS: 98 %
IPv6: 67 %
Domains: 11
Subdomains: 13
IPs: 13
Countries: 2
Transfer: 1803 kB
Size: 3538 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
occamsec.com/scattered-spider-iocs/
75 KB
18 KB
Document
General
Full URL
https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
4a70fd772afe10b9f95c7928b7a208770b82d3320d0e504f5dcb01087a4f19e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
max-age=15552000, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 24 Aug 2023 19:58:08 GMT
last-modified
Mon, 15 May 2023 09:09:10 GMT
link
<https://occamsec.com/wp-json/>; rel="https://api.w.org/" <https://occamsec.com/wp-json/wp/v2/posts/1983>; rel="alternate"; type="application/json" <https://occamsec.com/?p=1983>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
MISS
x-cache-group
normal
x-cacheable
YES:15552000.000
x-powered-by
WP Engine
x-wpe-request-id
50b190d9621bd830ea67dbb1d96d5919
style.min.css
occamsec.com/wp-includes/css/dist/block-library/
102 KB
14 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
nginx
etag
W/"64b7c573-19824"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
c35cd14db9ae1107a71f7a560a3e437e
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
occamsec.com/wp-content/uploads/maxmegamenu/
65 KB
6 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-content/uploads/maxmegamenu/style.css?ver=de0a43
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
54e767d74be23a35bdda6c396e15bf8d20b194ebd8112ca28cabb31f80452418

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:12 GMT
server
nginx
etag
W/"64620e28-10475"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
749f5db19e6aa432d35810755d429cf7
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
dashicons.min.css
occamsec.com/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-includes/css/dashicons.min.css?ver=6.3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
etag
W/"603ffca6-e688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
2494fa57a79f5f2fac4e88c3164138af
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
occamsec.com/wp-content/themes/doccamsec/
14 KB
3 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/style.css?ver=1.0.0
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5cd5e13e951c6911d68156b5fa553f11399ccb90ffedfcebd3cd4dc9856dff60

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:16 GMT
server
nginx
etag
W/"64620e2c-3614"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
2a1274524e8b7b2cc3f66fe4b422ea06
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
main.css
occamsec.com/wp-content/themes/doccamsec/assets/css/
966 KB
416 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/assets/css/main.css?ver=6.3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
223b69faa213723385b406744f661903b99e4c366abf830920fc1fbe495baba4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:16 GMT
server
nginx
etag
W/"64620e2c-f16b7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
702b2276ed83aa2217e37e6b974f1ec7
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
animate.min.css
occamsec.com/wp-content/themes/doccamsec/assets/css/
54 KB
4 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/assets/css/animate.min.css?ver=6.3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:16 GMT
server
nginx
etag
W/"64620e2c-d8e2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
c93449ef09aebd93b368bda34a63ecbf
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style1.css
occamsec.com/wp-content/themes/doccamsec/assets/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/assets/css/style1.css?ver=6.3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7eb84f0775ab955e0bd9c090e09330649cd592b25ae7d0c72516f16853fd4b60

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:16 GMT
server
nginx
etag
W/"64620e2c-1619"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
2dbc8933786f99e86964b12836bfa679
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style2.css
occamsec.com/wp-content/themes/doccamsec/assets/css/
39 KB
6 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/assets/css/style2.css?ver=6.3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ebd4ae571ad8059eb549f8236720a418cb9d1d13b9d6773aa97ec2b0ce411cf3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 11:12:44 GMT
server
nginx
etag
W/"646213ac-9ae1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
b61939e348ecec15e843e1428815e585
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
KING_styles.css
occamsec.com/wp-content/themes/doccamsec/assets/css/
40 KB
7 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/assets/css/KING_styles.css?ver=1689239704
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b2cee83abea36ee081be0e8ba0a333e6b4134b383004c6f1afb99ff0df26b3a3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:15:04 GMT
server
nginx
etag
W/"64afc098-a1a6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
9d900007369e15f57a6ba70f92810711
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
gdpr-main.css
occamsec.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/
85 KB
9 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.6
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ee03ca80fc937d6ca1b81c8be5e977dc79607f89522363679028724f990b3991

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Thu, 24 Aug 2023 08:18:57 GMT
server
nginx
etag
W/"64e71271-155a7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
4cdff52d8a6233babc2c297dd645ea15
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
gdpr_cc_addon.css
occamsec.com/wp-content/plugins/gdpr-cookie-compliance-addon/assets/css/
13 KB
2 KB
Stylesheet
General
Full URL
https://occamsec.com/wp-content/plugins/gdpr-cookie-compliance-addon/assets/css/gdpr_cc_addon.css?ver=3.2.8
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e9ebca871891f9bddbe990b9ee19620b2762bafa0b93b588b350342417597268

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:23 GMT
server
nginx
etag
W/"64620e33-35e5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
f8a8c4e8a7f48d61396671f6b19ec3e7
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
occamsec.com/wp-includes/js/jquery/
85 KB
31 KB
Script
General
Full URL
https://occamsec.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Fri, 26 May 2023 11:33:35 GMT
server
nginx
etag
W/"6470990f-155ba"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
920db43ba40a4e2b0624741ece359cf1
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
occamsec.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://occamsec.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
nginx
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
0da8138368d39916c90baea7f3296fc6
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
5380872.js
js.hs-scripts.com/
1 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/5380872.js
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:be59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e67058111278bf60a5c4d5a9af5f08896f42af5cccbc15520ef0891b4f24424
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c8708614-8f44-4a04-a2f9-9dfde2da35da
x-envoy-upstream-service-time
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c8708614-8f44-4a04-a2f9-9dfde2da35da
last-modified
Thu, 24 Aug 2023 19:58:10 GMT
server
cloudflare
x-trace
2B8BF851ADF04457E3D1A55AC6EC810663EFE6772C000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://occamsec.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-59h8s
cf-ray
7fbe2b210ecdb505-OSL
expires
Thu, 24 Aug 2023 19:59:10 GMT
js
www.googletagmanager.com/gtag/
265 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-41GWFS49N0
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5250b94977b0c68062cdf4bf2c489c20d236266d19677b226e5f08fadb10c022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90420
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 24 Aug 2023 19:58:10 GMT
black.svg
occamsec.com/wp-content/uploads/2021/04/
7 KB
3 KB
Image
General
Full URL
https://occamsec.com/wp-content/uploads/2021/04/black.svg
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ea2acefbe98c7eb05b20a2eba08deacb1075fc030ff0e4d75d7a27cee4af0e60

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:14 GMT
server
nginx
etag
W/"64620e2a-1d98"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
1ccfdad1ee31f7ff1a4bf4c7b5e10e08
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
white_yellow.svg
occamsec.com/wp-content/uploads/2021/04/
7 KB
3 KB
Image
General
Full URL
https://occamsec.com/wp-content/uploads/2021/04/white_yellow.svg
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9723f1b59a7e99709f5092e2656fe8975d0857179ec43eefdd57aeac28cb80d5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:15 GMT
server
nginx
etag
W/"64620e2b-1dc1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
faecfca8ec2d1f05b9ba3343ee1b6cf3
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
black_yellow.svg
occamsec.com/wp-content/uploads/2021/04/
7 KB
3 KB
Image
General
Full URL
https://occamsec.com/wp-content/uploads/2021/04/black_yellow.svg
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
adda31e4875613091e6604082a0bcd61a3543bab8573f8b19898210dedc55a7d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:14 GMT
server
nginx
etag
W/"64620e2a-1dc1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
f1ddd9b1164ab17aa336516bff2adb7a
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
black_white.svg
occamsec.com/wp-content/uploads/2021/04/
7 KB
3 KB
Image
General
Full URL
https://occamsec.com/wp-content/uploads/2021/04/black_white.svg
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
47b90942d3672527a734d46b2b4553297bfa3d595d648194f6d3d24bf1c4bfe6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:14 GMT
server
nginx
etag
W/"64620e2a-1dbe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
65c2366b48f18f3a6656f1bfcd8175b0
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
white_orange.svg
occamsec.com/wp-content/uploads/2021/04/
7 KB
3 KB
Image
General
Full URL
https://occamsec.com/wp-content/uploads/2021/04/white_orange.svg
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4c3284ff936ef66a30ada60b2f76e7fc90a5b6167604cda07ba182cd7448e0e7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:15 GMT
server
nginx
etag
W/"64620e2b-1dc1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
99c41e923eb75e8e484a2114d7dcd099
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
white-1.svg
occamsec.com/wp-content/uploads/2021/04/
7 KB
3 KB
Image
General
Full URL
https://occamsec.com/wp-content/uploads/2021/04/white-1.svg
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
577f55df30a6241110e131830fdd35001132bc23bde58dfe4f8f619de964cd21

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:15 GMT
server
nginx
etag
W/"64620e2b-1d8a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
921eafc12a10ddc468d627c50694753b
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
full-transparent.png
occamsec.com/wp-content/themes/doccamsec/assets/images/
10 KB
10 KB
Image
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/assets/images/full-transparent.png
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
fede46f08675971eaf91f3ab8de4c272e0622f3830a6228ae9cdaffcc78c7668

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
last-modified
Mon, 15 May 2023 10:49:16 GMT
server
nginx
etag
"64620e2c-2822"
vary
Accept-Encoding
x-wpe-request-id
9d2d5446ab40b632d0a5d8e550e58113
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10274
crest-logo-larger.png
occamsec.com/wp-content/uploads/2023/05/
13 KB
13 KB
Image
General
Full URL
https://occamsec.com/wp-content/uploads/2023/05/crest-logo-larger.png
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cfa21728828e425aaf8672076996ae10034b3c1534483f356680b8bdf27ecc4a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
last-modified
Mon, 15 May 2023 10:49:12 GMT
server
nginx
etag
"64620e28-3268"
vary
Accept-Encoding
x-wpe-request-id
cb2713e8c96a1de70a78483b00359197
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12904
5380872.js
js.hs-scripts.com/
1 KB
700 B
Script
General
Full URL
https://js.hs-scripts.com/5380872.js?integration=WordPress&ver=10.2.1
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:be59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e18ceab464c0cc7751f5f95c48191c4c26634dfb13a088ccc0def55287e57e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
88bc0b15-f222-44e5-a052-a3ea0b0e4810
x-envoy-upstream-service-time
42
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
88bc0b15-f222-44e5-a052-a3ea0b0e4810
last-modified
Thu, 24 Aug 2023 19:58:10 GMT
server
cloudflare
x-trace
2B99306ABFAA03DAA5BC52178C1688E7FA20B0F4E3000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://occamsec.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-xr6zl
cf-ray
7fbe2b210ed0b505-OSL
expires
Thu, 24 Aug 2023 19:59:10 GMT
lity.js
occamsec.com/wp-content/themes/doccamsec/assets/js/
17 KB
5 KB
Script
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/assets/js/lity.js?ver=6.3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
349c85784ff65d159cfa8a3ed7ee22bfe0287abeaa1254b7aa8dac760a8a823a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:09 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:16 GMT
server
nginx
etag
W/"64620e2c-4564"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
448640a26bc3d6b613c0b88f01d5e28a
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick.min.js
occamsec.com/wp-content/themes/doccamsec/assets/js/
42 KB
11 KB
Script
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/assets/js/slick.min.js?ver=6.3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:16 GMT
server
nginx
etag
W/"64620e2c-a76f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
6a7febdfc8b76b8bc249e5d2ab5df47a
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
main.js
occamsec.com/wp-content/themes/doccamsec/assets/js/
25 KB
6 KB
Script
General
Full URL
https://occamsec.com/wp-content/themes/doccamsec/assets/js/main.js?ver=1689239734
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cd8c10a711a97ecc9a0af6e0f0ef5adcf44d9aa4486f0f0286ef6c461b154621

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:15:34 GMT
server
nginx
etag
W/"64afc0b6-65a7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
6e944e147c4400a42a758cd2ad153bc8
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
main.js
occamsec.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/
60 KB
15 KB
Script
General
Full URL
https://occamsec.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.12.6
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
89e11befadb453147740e47b21db4b639b8dff43259487ccd25c7e61c39906c6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Thu, 24 Aug 2023 08:18:57 GMT
server
nginx
etag
W/"64e71271-ee9f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
ba6f8f1549a921ba482bd8a85c4feaa0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gdpr_cc_addon.js
occamsec.com/wp-content/plugins/gdpr-cookie-compliance-addon/assets/js/
11 KB
3 KB
Script
General
Full URL
https://occamsec.com/wp-content/plugins/gdpr-cookie-compliance-addon/assets/js/gdpr_cc_addon.js?ver=3.2.8
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d07a47cbe2868855178d2d737fe185edf0beb18a7555b7d7c3f67ac0f0f8e4c8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:23 GMT
server
nginx
etag
W/"64620e33-2dcd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
29b41753ef7ae52a85c7f644423e0f4c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
hoverIntent.min.js
occamsec.com/wp-includes/js/
1 KB
1005 B
Script
General
Full URL
https://occamsec.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
etag
W/"625095f6-5db"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
ed9de5c7e3aa18dc20774110572cb230
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
maxmegamenu.js
occamsec.com/wp-content/plugins/megamenu/js/
32 KB
6 KB
Script
General
Full URL
https://occamsec.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.2.2
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c532d1d7922f4b22b44f24f25d0a2317013412a19376a543eb130db19fdbeb33

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 10:49:22 GMT
server
nginx
etag
W/"64620e32-8077"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
e39b53628383ba24c2c69d2914305324
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
script.js
cdn.usefathom.com/
6 KB
2 KB
Script
General
Full URL
https://cdn.usefathom.com/script.js
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
cdn-edgestorageid
1082
x-vapor-base64-encode
True
cdn-cachedat
07/27/2023 17:14:40
cdn-pullzone
506217
last-modified
Tue, 25 Jul 2023 16:46:29 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control
public, max-age=0
cdn-requestid
c0124bd3700f9919e8ae0bb143dbaf9a
cdn-requestcountrycode
NO
cdn-status
200
cdn-requestpullsuccess
True
OccamSec-Logo-Maze-K_yellow-dot-RGB-300x300.png
occamsec.com/wp-content/uploads/2022/04/
18 KB
18 KB
Image
General
Full URL
https://occamsec.com/wp-content/uploads/2022/04/OccamSec-Logo-Maze-K_yellow-dot-RGB-300x300.png
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
821b1009e22f85255ee49d1d16d11939e386f3eda9dfcd90801a974d1b93b307

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
last-modified
Mon, 15 May 2023 10:49:13 GMT
server
nginx
etag
"64620e29-479b"
vary
Accept-Encoding
x-wpe-request-id
ac550dad9043afed614c5107c74298db
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18331
e85964df-e130-468e-a734-f27944deb0a5
https://occamsec.com/
1 KB
0
Other
General
Full URL
blob:https://occamsec.com/e85964df-e130-468e-a734-f27944deb0a5
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
hotjar-3526541.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3526541.js?sv=5
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-10.fra56.r.cloudfront.net
Software
/
Resource Hash
cd73903eaa4c2f68097d3cef99d065829214039a39c0f160f664ee35cc089792
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 19:58:10 GMT
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/d095aa61c81dd58eb124da0fdb5597d7
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
E9f3FHknzRGfADhRm_nzv6bCFmM74PpyXPUQb5rhPvVDzN4wX56sag==
lt-v3.js
lltrck.com/scripts/
7 KB
7 KB
Script
General
Full URL
https://lltrck.com/scripts/lt-v3.js?llid=34682
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.30.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-30-244.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
111f6d9f597c61d24c2c3718ab2e7f9fefbc10df2b630dfb84956c418600cbae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
cache-control
public, max-age=172800
strict-transport-security
max-age=2592000
server
Kestrel
content-length
6882
content-type
text/javascript
calendar.svg
occamsec.com/html/build/static/images/
548 B
548 B
Image
General
Full URL
https://occamsec.com/html/build/static/images/calendar.svg
Requested by
Host: occamsec.com
URL: https://occamsec.com/wp-content/themes/doccamsec/assets/css/main.css?ver=6.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/wp-content/themes/doccamsec/assets/css/main.css?ver=6.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
text/html
date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
094397ee80aa82517f14b32145602ee7
abstract-network-IOC.png
occamsec.com/wp-content/uploads/2023/05/
858 KB
859 KB
Image
General
Full URL
https://occamsec.com/wp-content/uploads/2023/05/abstract-network-IOC.png
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
470c86240e009d21e781d3fe4a63c2d2a5a4a195412992ec37d16b1449daf10b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
last-modified
Mon, 15 May 2023 10:49:12 GMT
server
nginx
etag
"64620e28-d68f7"
vary
Accept-Encoding
x-wpe-request-id
032d041b31ac25ab7e83f53fe26aed93
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
878839
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f5e9fa0fd9a80271f24c964a45e02e8027d761eb8ee1ea7aa104b77691c62f0

Request headers

Referer
Origin
https://occamsec.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
581c3d26f73511b30d5719b02011f0427970610f210795a0e84685cbf7aef037

Request headers

Referer
Origin
https://occamsec.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
18 KB
18 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59bac91d2928b66c61164d706a17e50327e821312a2939572f511255d1147dd7

Request headers

Referer
Origin
https://occamsec.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
modules.14b820ab47d618317075.js
script.hotjar.com/
223 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.14b820ab47d618317075.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3526541.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
55c4d362579276afb8524a825c6e998ebebf2fe7af36b454c71291c7cebfc447
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 09:22:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
124564
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55646
last-modified
Wed, 23 Aug 2023 09:21:33 GMT
etag
"acd31f178f50b6cbf2246edb86e5753a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
9vkg5LvLd36Kto2NvVpoq6JTYhIaSZqdaJxrU7RmDohIGc7j0Q5dJg==
conversations-embed.js
js.usemessages.com/
76 KB
22 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5380872.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:fba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92cb228fb9440bac15485ceee66c5d2b1f193b347cedd8213f1d645e30dc8238
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
x-amz-version-id
G1jwIt6bVkEDEnfUjwKjWJwoMKSCPoJL
via
1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
6585cce8-4dd2-4ec5-b2c6-c9bd48f6e52f
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13860/bundles/project.js&cfRay=7fb437ab4ed71c0a-ARN
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
age
344
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6585cce8-4dd2-4ec5-b2c6-c9bd48f6e52f
last-modified
Wed, 23 Aug 2023 02:48:58 UTC
server
cloudflare
etag
W/"4d30bb46d9e67baa74eca1312aaec601"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-4skbg
cf-ray
7fbe2b22c8180b4d-OSL
x-amz-cf-id
ubdHFisW99o2xh3aMBGqcZaAJtvGVTrUejCRKIXiMHILWfwIjQ8qLA==
x-hs-target-asset
conversations-embed/static-1.13860/bundles/project.js
5380872.js
js.hs-analytics.net/analytics/1692906900000/
66 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1692906900000/5380872.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5380872.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb26a65047a38977860a683b3eff8ace26e85680299df3a757d84b920dad8da

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
47Z1TYWKPK1F2AW8
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
9009d7de-a31f-4da6-8201-f666346b31b7
x-envoy-upstream-service-time
103
x-amz-id-2
kRx8PknnB8obN7JYO2Van2h1LO5ih5D9ZvslhzdV/WTkmwAwwp//2EQJPahtFHZ5j/WaM52oT8Mv30I95QLTcARootBIq3sChNjvnunK44I=
x-evy-trace-listener
listener_https
x-request-id
9009d7de-a31f-4da6-8201-f666346b31b7
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 14 Aug 2023 15:35:42 GMT
server
cloudflare
etag
W/"ddb0839b393085e6010590d2994b9b99"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ww4tr
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7fbe2b22c92b0b61-OSL
expires
Thu, 24 Aug 2023 20:03:10 GMT
banner.js
js.hs-banner.com/v2/5380872/
65 KB
20 KB
Script
General
Full URL
https://js.hs-banner.com/v2/5380872/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5380872.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6704439de9041bf659c321fe9a7181d6e0afb026b566de343436bf5c24e478

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
x-amz-version-id
qSXrvGqDMOUD61yZauFzPcZKCw6l0Hc5
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
47Z729DQCB9RRNR3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
92c1e285-1e9b-485e-ad9f-07446edb7007
x-envoy-upstream-service-time
28
x-amz-id-2
tv+WNU0FRuqmfYl7823RmRcUAgrhm2tnOxPwJN5MmYXcze9vINckkOEdPw30SkANX8yw4ZL/Huo=
x-evy-trace-listener
listener_https
x-request-id
92c1e285-1e9b-485e-ad9f-07446edb7007
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 31 Jul 2023 22:05:18 GMT
server
cloudflare
etag
W/"1ae7c13549b1bc7567e59a766b5aa5e9"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://occamsec.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-fznd8
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7fbe2b22dab8b52d-OSL
expires
Thu, 24 Aug 2023 20:03:10 GMT
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-41GWFS49N0&gtm=45je38n0&_p=916260388&cid=1774818726.1692907090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692907090&sct=1&seg=0&dl=https%3A%2F%2Foccamsec.com%2Fscattered-spider-iocs%2F&dt=Scattered%20Spider%20IOCs%20-%20OccamSec&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-41GWFS49N0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:58:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://occamsec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cdn.usefathom.com/
43 B
452 B
Image
General
Full URL
https://cdn.usefathom.com/?h=https%3A%2F%2Foccamsec.com&p=%2Fscattered-spider-iocs%2F&r=&sid=UKVMLHUK&qs=%7B%7D&cid=23900170
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
cdn-edgestorageid
1080
x-vapor-base64-encode
True
cdn-cachedat
08/24/2023 19:58:10
cdn-pullzone
506217
content-length
43
pragma
no-cache
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
tk
N
content-type
image/gif
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control
public, max-age=0
cdn-requestid
370aca90d8b50ff59bee5b5fe9519d15
cdn-requestcountrycode
NO
cdn-status
200
cdn-requestpullsuccess
True
wp-emoji-release.min.js
occamsec.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://occamsec.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.154.87.116 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.87.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
br
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
nginx
etag
W/"63db0985-4904"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
1068b40d4e6500cb20639fb15cae986d
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
public
api.hubspot.com/livechat-public/v1/message/
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=5380872&conversations-embed=static-1.13860&mobile=false&messagesUtk=069f2b0e78824a498deba180dd93a3b3&traceId=069f2b0e78824a498deba180dd93a3b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://occamsec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://occamsec.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fbe2b23d9af0b4d-OSL
content-length
18
content-type
text/plain; charset=utf-8
date
Thu, 24 Aug 2023 19:58:10 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkJFl9DFvrcLZdTO%2BRi3xYzQeBfawGM6fzr1kdplrlC8lWiO9ACTq8S1z2WatPcc5te2yjlvwBLiIS5myINFqYX7PS3clpZcRvTplfTcMcR7HkCzRWLnIVOxPH77awuE43QoCHnGvE3fpu0oXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-5gghn
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
40740a5f-c75f-4765-bd02-56336d591862
x-request-id
40740a5f-c75f-4765-bd02-56336d591862
x-trace
2BF3482A634EA088DAB4F41BA5A95F2AADAE9F6F02000000000000000000
public
api.hubspot.com/livechat-public/v1/message/
277 B
928 B
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=5380872&conversations-embed=static-1.13860&mobile=false&messagesUtk=069f2b0e78824a498deba180dd93a3b3&traceId=069f2b0e78824a498deba180dd93a3b3
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03ef2885fce6da3c8fcf04438869c41c6a73eb18268afdc438e036479aa8ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://occamsec.com/
accept-language
no-NO,no;q=0.9
X-HubSpot-Messages-Uri
https://occamsec.com/scattered-spider-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
e5511f89-89c7-40c0-bed0-d0bbfe39a6ec
x-envoy-upstream-service-time
13
content-length
218
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e5511f89-89c7-40c0-bed0-d0bbfe39a6ec
server
cloudflare
x-trace
2B869D761017E906DF76D02165F8E24763CF859EAA000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://occamsec.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-bnvhk
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wjtcCgK00qrQ1AOUpARhlasnUl%2FJJD8uAvCf3QljyCAOrtubWd8DL5bq854XWk8%2B15EtlhxswByNWYHARtYlRqiJhFrSV9cMtLkm2LM%2B2wrjD%2BGqVVAfgN%2BKQfwVTOI%2BqPgYrsdJIqwBgcxng%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7fbe2b24fb1b0b4d-OSL
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
tracking
lltrck.com/api/
43 B
271 B
Image
General
Full URL
https://lltrck.com/api/tracking?_llid=34682&_fd=bIS1dIN7Mz%3AwZ3OicYOmZz6kc31wd3OieISmdnWlMYOxbXSmdj2qc3O%7BMx%3E%3E&_llreferer=&_lluuid=ls7303d2-ea77-477f-be04-edf0e2e242d2&_cl=0&_v=3
Requested by
Host: occamsec.com
URL: https://occamsec.com/scattered-spider-iocs/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.30.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-30-244.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 24 Aug 2023 19:58:10 GMT
strict-transport-security
max-age=2592000
server
Kestrel
content-length
43
content-type
image/gif
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4036121453&v=1.1&a=5380872&ct=blog-post&rcu=https%3A%2F%2Foccamsec.com%2Fscattered-spider-iocs%2F&pu=https%3A%2F%2Foccamsec.com%2Fscattered-spider-iocs%2F&t=Scattered+Spider+IOCs+-+OccamSec&cts=1692907090986&vi=70f8ae959197c14ed3f15a45775e7a17&nc=true&u=256109396.70f8ae959197c14ed3f15a45775e7a17.1692907090982.1692907090982.1692907090982.1&b=256109396.1.1692907090982&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://occamsec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:58:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
52940e8c-665b-419d-b531-8102c4b24f70
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
52940e8c-665b-419d-b531-8102c4b24f70
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1N4%2FQaWTeIav7REa8hUNQxnVIka1mwcDUEIBU5ngH3QsiODHAF4hOpQjmMMqpXKtmSif3ZGqJ1KkIRDRGqFUg0JLCEAdYfTC1RIUyYtGQCkZM3t9gLJHfjjTPnGGeZLokLBz56rzlQsf%2Fe48iiP2"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-c27v2
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7fbe2b27497cb500-OSL
x-robots-tag
none


55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| _wpemojiSettings
undefined| $
function| jQuery
object| _hsq
function| hj
object| _hjSettings
function| gtag
object| dataLayer
string| ajax_call_url
number| perpage
number| paged
function| filterPost
boolean| llcookieless
object| formalyze
object| leadin_wordpress
function| lity
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
function| updatemobieunderline
object| moove_frontend_gdpr_scripts
function| postscribe
function| gdpr_lightbox
string| gdpr_consent__strict
string| gdpr_consent__thirdparty
string| gdpr_consent__advanced
string| gdpr_consent__cookies
object| megamenu
object| _hsp
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| fathom
boolean| hubspot_live_messages_running
object| HubSpotConversations
object| llhelper
function| ll_formalyze
boolean| lloverrideUrl
boolean| llinit
boolean| lldebug
object| _paq
function| sanitizeKey
boolean| _hstc_loaded
object| twemoji
object| wp
boolean| _hspb_loaded
boolean| _hspb_ran
boolean| _hstc_ran
string| __hsUserToken
number| expireDateTime
function| GDPR_ON_DOM_CHANGE

13 Cookies

Domain/Path Name / Value
.occamsec.com/ Name: _ga_41GWFS49N0
Value: GS1.1.1692907090.1.0.1692907090.0.0.0
.occamsec.com/ Name: _ga
Value: GA1.1.1774818726.1692907090
.occamsec.com/ Name: _hjSessionUser_3526541
Value: eyJpZCI6IjcxZjRlNGU4LThmODMtNWE1OS05NmYwLTY3YTkzNzhmZWY2MyIsImNyZWF0ZWQiOjE2OTI5MDcwOTA1MjMsImV4aXN0aW5nIjpmYWxzZX0=
.occamsec.com/ Name: _hjFirstSeen
Value: 1
.occamsec.com/ Name: _hjIncludedInSessionSample_3526541
Value: 0
.occamsec.com/ Name: _hjSession_3526541
Value: eyJpZCI6ImRkMDg0MDk0LTliNDEtNDBjYy05MzE1LWQzOTUxODdlMDY2NiIsImNyZWF0ZWQiOjE2OTI5MDcwOTA1MzEsImluU2FtcGxlIjpmYWxzZX0=
.occamsec.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
lltrck.com/ Name: trackalyzer
Value: ls7303d2-ea77-477f-be04-edf0e2e242d2
.occamsec.com/ Name: __hstc
Value: 256109396.70f8ae959197c14ed3f15a45775e7a17.1692907090982.1692907090982.1692907090982.1
.occamsec.com/ Name: hubspotutk
Value: 70f8ae959197c14ed3f15a45775e7a17
.occamsec.com/ Name: __hssrc
Value: 1
.occamsec.com/ Name: __hssc
Value: 256109396.1.1692907090982
.hubspot.com/ Name: __cf_bm
Value: shAyDMYi8WlVJdSYt8P5cFApJO6tcz9xHZjIIA_fYDg-1692907091-0-AY2s7/YWP99oHCYiOigzFRLnPVAUIHGX/A5v/SsQ4hGQUU403sTzLzaXKHgF8J2r6VRLdxd30JgqEfdUmZwzwnM=

4 Console Messages

Source Level URL
Text
network error URL: https://occamsec.com/html/build/static/images/calendar.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation warning URL: https://occamsec.com/wp-content/plugins/gdpr-cookie-compliance-addon/assets/js/gdpr_cc_addon.js?ver=3.2.8(Line 83)
Message:
Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://occamsec.com/wp-content/plugins/gdpr-cookie-compliance-addon/assets/js/gdpr_cc_addon.js?ver=3.2.8(Line 83)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://occamsec.com/wp-content/plugins/gdpr-cookie-compliance-addon/assets/js/gdpr_cc_addon.js?ver=3.2.8(Line 83)
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
