URL: https://d34qgc04.eu1.hubspotlinks.com/Ctc/W4+113/d34QgC04/MVG3vC7Rh8LW5mhN0d4d3r5sW4HyYrL5prNXcN5d8yQ83qn9gW7lCdLW6lZ3kNW6Xh5lj6TMK6MN...
Submission Tags: falconsandbox
Submission: On December 11 via api from US — Scanned from PL

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 172.65.220.77, located in United States and belongs to CLOUDFLARENET, US. The main domain is d34qgc04.eu1.hubspotlinks.com.
TLS certificate: Issued by WE1 on December 10th 2024. Valid for: 3 months.
This is the only time d34qgc04.eu1.hubspotlinks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 172.65.220.77 13335 (CLOUDFLAR...)
1 3 104.26.12.152 13335 (CLOUDFLAR...)
3 2
Apex Domain
Subdomains
Transfer
3 countercraftsec.com
www.countercraftsec.com
3 KB
2 hubspotlinks.com
d34qgc04.eu1.hubspotlinks.com
4 KB
3 2
Domain Requested by
3 www.countercraftsec.com 1 redirects d34qgc04.eu1.hubspotlinks.com
2 d34qgc04.eu1.hubspotlinks.com 1 redirects
3 2

This site contains no links.

Subject Issuer Validity Valid
hubspotlinks.com WE1 2024-12-10 - 2025-03-10 3 months
countercraftsec.com WE1 2024-10-14 - 2025-01-12 3 months

This page contains 1 frames:

Frame: https://www.countercraftsec.com/blog/?utm_campaign=Black%20Hat%20MEA%202024&utm_medium=email&_hsenc=p2ANqtz--m4ZxS8wTgI2OHK7i_9dk7QLhtZHzCWQkakcb_veGCUifzbkYytk6FR-Wz1aPOv-Mo3Mguc4toDzpYnGSHOXqqC0De2g&_hsmi=100514600&utm_content=100514600&utm_source=hs_email
Frame ID: 9E9EB6B8ED0084F1368FF3ABF5CF836C
Requests: 3 HTTP requests in this frame


Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 5 kB
Size: 8 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://d34qgc04.eu1.hubspotlinks.com/events/public/v1/encoded/track/tc/W4+113/d34QgC04/MVG3vC7Rh8LW5mhN0d4d3r5sW4HyYrL5prNXcN5d8yQ83qn9gW7lCdLW6lZ3kNW6Xh5lj6TMK6MN1fp5xt9pXnDW8tM4V32kWZ3VW7_HwMZ78wwGPW3K5qvK912pfyW84970g2BvPB8W59f52H5F5BMJW5MYTkq1ttR-8W6XkwMF7R_DCSN3bXHx28mPmQW1wy31W74j_9fVmDtCb4zJWPkN1wGDfXdvHpRW8jN3ph8wJ5Z1VBmgX798FyPDW94xnQC47yxDHW1qwCg13h9fy3W8DyNMV1TMZn4W3J4SRF4NTPB-W3FSgPj2mHSQCVt5hSX6M8PHLW91Y3MK36BCtXW147xq-3xW40fN4T4ndzSqL9zdc6xfl04?_ud=7ce60a97-f624-4af3-b6e2-53c4a30acbc9&_jss=1&_fl=8&_pl=5&_hc=28&_lg=en-US,en&_plt=Linux%20x86_64&_scr=1600,1200 HTTP 307
  • https://www.countercraftsec.com/blog/?utm_campaign=Black%20Hat%20MEA%202024&utm_medium=email&_hsenc=p2ANqtz--m4ZxS8wTgI2OHK7i_9dk7QLhtZHzCWQkakcb_veGCUifzbkYytk6FR-Wz1aPOv-Mo3Mguc4toDzpYnGSHOXqqC0De2g&_hsmi=100514600&utm_content=100514600&utm_source=hs_email
Request Chain 1
  • https://www.countercraftsec.com/favicon.ico HTTP 302
  • https://www.countercraftsec.com/resources/cropped-CounterCraft-Favicon-1-32x32.png

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request MVG3vC7Rh8LW5mhN0d4d3r5sW4HyYrL5prNXcN5d8yQ83qn9gW7lCdLW6lZ3kNW6Xh5lj6TMK6MN1fp5xt9pXnDW8tM4V32kWZ3VW7_HwMZ78wwGPW3K5qvK912pfyW84970g2BvPB8W59f52H5F5BMJW5MYTkq1ttR-8W6XkwMF7R_DCSN3bXHx28mPmQW1wy31W...
d34qgc04.eu1.hubspotlinks.com/Ctc/W4+113/d34QgC04/
8 KB
3 KB
Document
General
Full URL
https://d34qgc04.eu1.hubspotlinks.com/Ctc/W4+113/d34QgC04/MVG3vC7Rh8LW5mhN0d4d3r5sW4HyYrL5prNXcN5d8yQ83qn9gW7lCdLW6lZ3kNW6Xh5lj6TMK6MN1fp5xt9pXnDW8tM4V32kWZ3VW7_HwMZ78wwGPW3K5qvK912pfyW84970g2BvPB8W59f52H5F5BMJW5MYTkq1ttR-8W6XkwMF7R_DCSN3bXHx28mPmQW1wy31W74j_9fVmDtCb4zJWPkN1wGDfXdvHpRW8jN3ph8wJ5Z1VBmgX798FyPDW94xnQC47yxDHW1qwCg13h9fy3W8DyNMV1TMZn4W3J4SRF4NTPB-W3FSgPj2mHSQCVt5hSX6M8PHLW91Y3MK36BCtXW147xq-3xW40fN4T4ndzSqL9zdc6xfl04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.220.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
8f050e280bb4bf1b-WAW
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 11 Dec 2024 11:15:10 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/event-tracking-td/envoy-proxy-76fcdf744c-5pd68
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
68cf58ac-83f6-4c59-9aaf-30800c46308b
x-request-id
68cf58ac-83f6-4c59-9aaf-30800c46308b
x-robots-tag
none
/
www.countercraftsec.com/blog/
Redirect Chain
  • https://d34qgc04.eu1.hubspotlinks.com/events/public/v1/encoded/track/tc/W4+113/d34QgC04/MVG3vC7Rh8LW5mhN0d4d3r5sW4HyYrL5prNXcN5d8yQ83qn9gW7lCdLW6lZ3kNW6Xh5lj6TMK6MN1fp5xt9pXnDW8tM4V32kWZ3VW7_HwMZ78...
  • https://www.countercraftsec.com/blog/?utm_campaign=Black%20Hat%20MEA%202024&utm_medium=email&_hsenc=p2ANqtz--m4ZxS8wTgI2OHK7i_9dk7QLhtZHzCWQkakcb_veGCUifzbkYytk6FR-Wz1aPOv-Mo3Mguc4toDzpYnGSHOXqqC0D...
0
1020 B
Document
General
Full URL
https://www.countercraftsec.com/blog/?utm_campaign=Black%20Hat%20MEA%202024&utm_medium=email&_hsenc=p2ANqtz--m4ZxS8wTgI2OHK7i_9dk7QLhtZHzCWQkakcb_veGCUifzbkYytk6FR-Wz1aPOv-Mo3Mguc4toDzpYnGSHOXqqC0De2g&_hsmi=100514600&utm_content=100514600&utm_source=hs_email
Requested by
Host: d34qgc04.eu1.hubspotlinks.com
URL: https://d34qgc04.eu1.hubspotlinks.com/Ctc/W4+113/d34QgC04/MVG3vC7Rh8LW5mhN0d4d3r5sW4HyYrL5prNXcN5d8yQ83qn9gW7lCdLW6lZ3kNW6Xh5lj6TMK6MN1fp5xt9pXnDW8tM4V32kWZ3VW7_HwMZ78wwGPW3K5qvK912pfyW84970g2BvPB8W59f52H5F5BMJW5MYTkq1ttR-8W6XkwMF7R_DCSN3bXHx28mPmQW1wy31W74j_9fVmDtCb4zJWPkN1wGDfXdvHpRW8jN3ph8wJ5Z1VBmgX798FyPDW94xnQC47yxDHW1qwCg13h9fy3W8DyNMV1TMZn4W3J4SRF4NTPB-W3FSgPj2mHSQCVt5hSX6M8PHLW91Y3MK36BCtXW147xq-3xW40fN4T4ndzSqL9zdc6xfl04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d34qgc04.eu1.hubspotlinks.com/Ctc/W4+113/d34QgC04/MVG3vC7Rh8LW5mhN0d4d3r5sW4HyYrL5prNXcN5d8yQ83qn9gW7lCdLW6lZ3kNW6Xh5lj6TMK6MN1fp5xt9pXnDW8tM4V32kWZ3VW7_HwMZ78wwGPW3K5qvK912pfyW84970g2BvPB8W59f52H5F5BMJW5MYTkq1ttR-8W6XkwMF7R_DCSN3bXHx28mPmQW1wy31W74j_9fVmDtCb4zJWPkN1wGDfXdvHpRW8jN3ph8wJ5Z1VBmgX798FyPDW94xnQC47yxDHW1qwCg13h9fy3W8DyNMV1TMZn4W3J4SRF4NTPB-W3FSgPj2mHSQCVt5hSX6M8PHLW91Y3MK36BCtXW147xq-3xW40fN4T4ndzSqL9zdc6xfl04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0
cf-apo-via
origin,qs
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
8f050e2a7968dca8-FRA
content-encoding
br
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 11:15:11 GMT
expect-ct
enforce; max-age=604800
expires
Wed, 11 Dec 2024 11:15:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgszRz9%2F3i3vWIwd7GOiwX4vFvMYWKBWyvQrQYLDfwVCzIsiCEIQ%2B8nWeMQ6Ku71sfa5fI0BPgsyyYQVqkBXDzTYGbUCNlMSgUf1iKHPyDRzpzxxNXmRUm1b8vCvrCJcbkJQK0BtWwh1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="BYPASS" cfL4;desc="?proto=TCP&rtt=17310&min_rtt=16685&rtt_var=3139&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4008&recv_bytes=2558&delivery_rate=256813&cwnd=255&unsent_bytes=0&cid=ae89e213b8484e3d&ts=216&x=0"
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
www.countercraftsec.com
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
8f050e28fd0ebf1b-WAW
date
Wed, 11 Dec 2024 11:15:10 GMT
link
<https://www.countercraftsec.com/blog/?utm_campaign=Black%20Hat%20MEA%202024&utm_medium=email&_hsenc=p2ANqtz--m4ZxS8wTgI2OHK7i_9dk7QLhtZHzCWQkakcb_veGCUifzbkYytk6FR-Wz1aPOv-Mo3Mguc4toDzpYnGSHOXqqC0De2g&_hsmi=100514600&utm_content=100514600&utm_source=hs_email>; rel="canonical"
location
https://www.countercraftsec.com/blog/?utm_campaign=Black%20Hat%20MEA%202024&utm_medium=email&_hsenc=p2ANqtz--m4ZxS8wTgI2OHK7i_9dk7QLhtZHzCWQkakcb_veGCUifzbkYytk6FR-Wz1aPOv-Mo3Mguc4toDzpYnGSHOXqqC0De2g&_hsmi=100514600&utm_content=100514600&utm_source=hs_email
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
35
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/event-tracking-td/envoy-proxy-76fcdf744c-q8n9h
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
9ec03d83-d0c8-46b9-9f16-4be614394f11
x-request-id
9ec03d83-d0c8-46b9-9f16-4be614394f11
x-robots-tag
none
cropped-CounterCraft-Favicon-1-32x32.png
www.countercraftsec.com/resources/
Redirect Chain
  • https://www.countercraftsec.com/favicon.ico
  • https://www.countercraftsec.com/resources/cropped-CounterCraft-Favicon-1-32x32.png
679 B
1 KB
Other
General
Full URL
https://www.countercraftsec.com/resources/cropped-CounterCraft-Favicon-1-32x32.png
Protocol
H2
Server
104.26.12.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ef591686fcadc841760d3b4ad93e9278fcafbe47c8fc49f510f147d21b9408
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';, upgrade-insecure-requests
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.countercraftsec.com/blog/?utm_campaign=Black%20Hat%20MEA%202024&utm_medium=email&_hsenc=p2ANqtz--m4ZxS8wTgI2OHK7i_9dk7QLhtZHzCWQkakcb_veGCUifzbkYytk6FR-Wz1aPOv-Mo3Mguc4toDzpYnGSHOXqqC0De2g&_hsmi=100514600&utm_content=100514600&utm_source=hs_email

Response headers

cf-cache-status
HIT
age
135216
expect-ct
enforce; max-age=604800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDnP7NEQ8SzaGUZup3W4TqGlctmBN8296%2FtXdMSazzpVt87slQkVn3dcNe5dNVmRQmPLY3o1wTCJ1o3oO1p93iljj%2FmbA4Q8NQqBCzRA650qRRIiGIaBvO7CyKikb7yCK3jLxmAPBX6L"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 08 Apr 2025 21:41:35 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=21213&min_rtt=16640&rtt_var=9500&sent=15&recv=17&lost=0&retrans=0&sent_bytes=5672&recv_bytes=3059&delivery_rate=256813&cwnd=258&unsent_bytes=0&cid=ae89e213b8484e3d&ts=467&x=0"
date
Wed, 11 Dec 2024 11:15:11 GMT
content-type
image/png
last-modified
Tue, 10 Sep 2024 08:53:20 GMT
x-served-by
www.countercraftsec.com
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000
vary
Accept-Encoding
content-security-policy
frame-ancestors 'none';, upgrade-insecure-requests
cache-control
max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f050e2cd800dca8-FRA
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
679
x-xss-protection
1; mode=block
server
cloudflare

Redirect headers

cf-edge-cache
cache,platform=wordpress
cf-cache-status
MISS
expect-ct
enforce; max-age=604800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99%2FSQRl2OyB7gS7GrXsHEfn%2FgMQIkxhloS6MzTt9ERIydBH6ZzYLWJSZn5XVDMn8k3RxkgHGNYf9xnXDvXCJbwgJrhIFQG%2Fzw7QEYR%2FrhZ%2F4N%2BCdpJFwnfmwEJXu2yvGHoiA5ofgW98m"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 11:15:11 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=22612&min_rtt=16685&rtt_var=12577&sent=11&recv=13&lost=0&retrans=0&sent_bytes=5094&recv_bytes=2936&delivery_rate=256813&cwnd=258&unsent_bytes=0&cid=ae89e213b8484e3d&ts=401&x=0"
date
Wed, 11 Dec 2024 11:15:11 GMT
content-type
text/html; charset=UTF-8
x-served-by
www.countercraftsec.com
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-redirect-by
WordPress
strict-transport-security
max-age=15552000
content-security-policy
frame-ancestors 'none';, upgrade-insecure-requests
cache-control
max-age=14400
location
https://www.countercraftsec.com/resources/cropped-CounterCraft-Favicon-1-32x32.png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f050e2bbcb7dca8-FRA
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
server
cloudflare

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
www.countercraftsec.com/ Name: wordpress_google_apps_login
Value: 74f1e58004bd574e74bf387b6449162a

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
