URL: https://threatintelligence.guardicore.com/domain/as13285.net
Submission: On June 14 via manual from US — Scanned from DE

Summary

This website contacted 56 IPs in 5 countries across 43 domains to perform 138 HTTP transactions. The main IP is 34.95.107.128, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is threatintelligence.guardicore.com.
TLS certificate: Issued by GTS CA 1D4 on June 11th 2022. Valid for: 3 months.
This is the only time threatintelligence.guardicore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
37 | guardicore.com | threatintelligence.guardicore.com | 483 KB
11 | clicktale.net | cdnssl.clicktale.net (Cisco Umbrella Rank: 5158); q-aus1.clicktale.net (Cisco Umbrella Rank: 5951); c.clicktale.net (Cisco Umbrella Rank: 4795); k-aus1.clicktale.net (Cisco Umbrella Rank: 5582) | 74 KB
9 | 6sc.co | j.6sc.co (Cisco Umbrella Rank: 8285); c.6sc.co (Cisco Umbrella Rank: 12139); ipv6.6sc.co (Cisco Umbrella Rank: 8556); b.6sc.co (Cisco Umbrella Rank: 5440) | 15 KB
7 | clarity.ms | www.clarity.ms (Cisco Umbrella Rank: 595); c.clarity.ms (Cisco Umbrella Rank: 1161); b.clarity.ms (Cisco Umbrella Rank: 5699) | 26 KB
6 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 60) | 20 KB
5 | rfihub.com | 20838322p.rfihub.com; a.rfihub.com (Cisco Umbrella Rank: 3359); p.rfihub.com (Cisco Umbrella Rank: 796) | 7 KB
5 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 55); stats.g.doubleclick.net (Cisco Umbrella Rank: 125); cm.g.doubleclick.net (Cisco Umbrella Rank: 217) | 4 KB
5 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 677); script.hotjar.com (Cisco Umbrella Rank: 992); vars.hotjar.com (Cisco Umbrella Rank: 1037); in.hotjar.com (Cisco Umbrella Rank: 1674); ws35.hotjar.com (Cisco Umbrella Rank: 61054) | 68 KB
5 | typekit.net | use.typekit.net (Cisco Umbrella Rank: 637); p.typekit.net (Cisco Umbrella Rank: 782) | 83 KB
4 | google.de | www.google.de (Cisco Umbrella Rank: 5111) | 870 B
4 | google.com | www.google.com (Cisco Umbrella Rank: 9) | 736 B
4 | adnxs.com | secure.adnxs.com (Cisco Umbrella Rank: 435); ib.adnxs.com (Cisco Umbrella Rank: 247) | 4 KB
4 | linkedin.com | px.ads.linkedin.com (Cisco Umbrella Rank: 370); www.linkedin.com (Cisco Umbrella Rank: 527); px4.ads.linkedin.com (Cisco Umbrella Rank: 5965) | 3 KB
4 | bing.com | bat.bing.com (Cisco Umbrella Rank: 389); c.bing.com (Cisco Umbrella Rank: 229) | 13 KB
2 | everesttech.net | sync-tm.everesttech.net (Cisco Umbrella Rank: 687) | 607 B
2 | bidswitch.net | x.bidswitch.net (Cisco Umbrella Rank: 303) | 1 KB
2 | spotxchange.com | sync.search.spotxchange.com (Cisco Umbrella Rank: 530) | 1 KB
2 | casalemedia.com | dsum-sec.casalemedia.com (Cisco Umbrella Rank: 623) | 2 KB
2 | rlcdn.com | idsync.rlcdn.com (Cisco Umbrella Rank: 344) | 107 B
2 | demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 212) | 2 KB
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 91) | 388 B
2 | rezync.com | live.rezync.com (Cisco Umbrella Rank: 1741) | 3 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 158) | 109 KB
2 | gstatic.com | fonts.gstatic.com | 46 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 67) | 2 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 96) | 124 KB
2 | creativecloud.com | webfonts.creativecloud.com (Cisco Umbrella Rank: 79979) | 33 KB
1 | krxd.net | beacon.krxd.net (Cisco Umbrella Rank: 468) | 337 B
1 | agkn.com | aa.agkn.com (Cisco Umbrella Rank: 459) | 377 B
1 | tremorhub.com | partners.tremorhub.com (Cisco Umbrella Rank: 1068) | 183 B
1 | addthis.com | x.dlx.addthis.com (Cisco Umbrella Rank: 1199) | 191 B
1 | rtactivate.com | bpi.rtactivate.com (Cisco Umbrella Rank: 1979) | 109 B
1 | serving-sys.com | bs.serving-sys.com (Cisco Umbrella Rank: 1172) | 105 B
1 | media.net | contextual.media.net (Cisco Umbrella Rank: 553) | 616 B
1 | eyeota.net | ps.eyeota.net (Cisco Umbrella Rank: 1079) | 344 B
1 | rubiconproject.com | pixel.rubiconproject.com (Cisco Umbrella Rank: 358) | 239 B
1 | hotjar.io | vc.hotjar.io (Cisco Umbrella Rank: 2428) | 257 B
1 | twitter.com | analytics.twitter.com (Cisco Umbrella Rank: 554) | 354 B
1 | t.co | t.co (Cisco Umbrella Rank: 466) | 337 B
1 | rfihub.net | c1.rfihub.net (Cisco Umbrella Rank: 5423) | 6 KB
1 | ads-twitter.com | static.ads-twitter.com (Cisco Umbrella Rank: 681) | 14 KB
1 | licdn.com | snap.licdn.com (Cisco Umbrella Rank: 953) | 3 KB
1 | googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 133) | 15 KB
Totals: 138 requests, 43 domains

Count | Domain | Redirects | Requested by
37 | threatintelligence.guardicore.com | - | threatintelligence.guardicore.com
6 | b.6sc.co | - | threatintelligence.guardicore.com
6 | www.google-analytics.com | - | www.googletagmanager.com; www.google-analytics.com
4 | www.google.de | - | threatintelligence.guardicore.com
4 | www.google.com | - | threatintelligence.guardicore.com
4 | cdnssl.clicktale.net | - | threatintelligence.guardicore.com; cdnssl.clicktale.net
4 | use.typekit.net | - | threatintelligence.guardicore.com
3 | b.clarity.ms | - | www.clarity.ms
3 | p.rfihub.com | 2 | threatintelligence.guardicore.com
3 | c.clicktale.net | - | threatintelligence.guardicore.com
3 | secure.adnxs.com | 1 | j.6sc.co; threatintelligence.guardicore.com
3 | bat.bing.com | - | www.googletagmanager.com; bat.bing.com; threatintelligence.guardicore.com
2 | c.clarity.ms | 1 | -
2 | k-aus1.clicktale.net | - | cdnssl.clicktale.net
2 | www.clarity.ms | - | bat.bing.com; www.clarity.ms
2 | sync-tm.everesttech.net | 2 | -
2 | x.bidswitch.net | 1 | threatintelligence.guardicore.com
2 | sync.search.spotxchange.com | 1 | threatintelligence.guardicore.com
2 | dsum-sec.casalemedia.com | 1 | threatintelligence.guardicore.com
2 | idsync.rlcdn.com | - | threatintelligence.guardicore.com
2 | dpm.demdex.net | 1 | threatintelligence.guardicore.com
2 | q-aus1.clicktale.net | - | cdnssl.clicktale.net
2 | stats.g.doubleclick.net | - | www.google-analytics.com
2 | googleads.g.doubleclick.net | - | www.googleadservices.com
2 | www.facebook.com | - | threatintelligence.guardicore.com
2 | px.ads.linkedin.com | 2 | -
2 | live.rezync.com | 1 | threatintelligence.guardicore.com
2 | connect.facebook.net | - | threatintelligence.guardicore.com; connect.facebook.net
2 | fonts.gstatic.com | - | fonts.googleapis.com
2 | fonts.googleapis.com | - | threatintelligence.guardicore.com
2 | www.googletagmanager.com | - | threatintelligence.guardicore.com
2 | webfonts.creativecloud.com | - | threatintelligence.guardicore.com; webfonts.creativecloud.com
1 | c.bing.com | 1 | -
1 | beacon.krxd.net | - | threatintelligence.guardicore.com
1 | aa.agkn.com | - | threatintelligence.guardicore.com
1 | partners.tremorhub.com | - | threatintelligence.guardicore.com
1 | x.dlx.addthis.com | - | threatintelligence.guardicore.com
1 | bpi.rtactivate.com | - | threatintelligence.guardicore.com
1 | bs.serving-sys.com | - | threatintelligence.guardicore.com
1 | contextual.media.net | - | threatintelligence.guardicore.com
1 | ps.eyeota.net | - | threatintelligence.guardicore.com
1 | pixel.rubiconproject.com | - | threatintelligence.guardicore.com
1 | ib.adnxs.com | - | threatintelligence.guardicore.com
1 | a.rfihub.com | - | threatintelligence.guardicore.com
1 | cm.g.doubleclick.net | 1 | -
1 | ws35.hotjar.com | - | script.hotjar.com
1 | 20838322p.rfihub.com | - | c1.rfihub.net
1 | vc.hotjar.io | - | script.hotjar.com
1 | in.hotjar.com | - | script.hotjar.com
1 | analytics.twitter.com | - | threatintelligence.guardicore.com
1 | t.co | - | threatintelligence.guardicore.com
1 | c1.rfihub.net | - | threatintelligence.guardicore.com
1 | vars.hotjar.com | - | static.hotjar.com
1 | script.hotjar.com | - | static.hotjar.com
1 | ipv6.6sc.co | - | j.6sc.co
1 | c.6sc.co | - | j.6sc.co
1 | px4.ads.linkedin.com | - | threatintelligence.guardicore.com
1 | www.linkedin.com | 1 | -
1 | j.6sc.co | - | threatintelligence.guardicore.com
1 | static.ads-twitter.com | - | www.googletagmanager.com
1 | snap.licdn.com | - | www.googletagmanager.com
1 | static.hotjar.com | - | www.googletagmanager.com
1 | www.googleadservices.com | - | www.googletagmanager.com
1 | p.typekit.net | - | threatintelligence.guardicore.com
Totals: 138 requests, 64 subdomains

This site contains links to these domains.

Domain
www.guardicore.com
www.linkedin.com
twitter.com
www.facebook.com
customers.guardicore.com

Subject | Issuer | Validity | Valid
threatintelligence.guardicore.com | GTS CA 1D4 | 2022-06-11 - 2022-09-09 | 3 months
*.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-05 - 2022-12-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-07 - 2023-04-07 | a year
*.gstatic.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2022-03-01 - 2023-03-01 | a year
www.bing.com | Microsoft RSA TLS CA 01 | 2022-06-10 - 2022-12-10 | 6 months
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-21 - 2022-07-26 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-03-23 - 2022-06-21 | 3 months
*.6sc.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-08 - 2023-03-11 | a year
*.clicktale.net | DigiCert SHA2 Secure Server CA | 2021-10-18 - 2022-10-18 | a year
*.rezync.com | Amazon | 2021-12-26 - 2023-01-23 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
q-aus1.clicktale.net | Amazon | 2021-08-11 - 2022-09-09 | a year
c.clicktale.net | Amazon | 2021-09-14 - 2022-10-13 | a year
*.rfihub.net | Amazon | 2021-12-29 - 2023-01-27 | a year
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
*.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
www.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
www.google.de | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.hotjar.io | Amazon | 2021-08-17 - 2022-09-15 | a year
*.rfihub.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-18 - 2022-06-18 | 2 years
*.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-04-04 | a year
*.media.net | DigiCert SHA2 Secure Server CA | 2022-02-20 - 2023-02-22 | a year
bs.serving-sys.com | Amazon | 2022-04-10 - 2023-05-09 | a year
rtactivate.com | Amazon | 2022-04-13 - 2023-05-12 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-03 - 2023-02-25 | a year
odc-pixel-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2022-02-26 - 2023-03-01 | a year
*.tremorhub.com | Amazon | 2022-03-24 - 2023-04-22 | a year
*.agkn.com | RapidSSL RSA CA 2018 | 2020-07-25 - 2022-09-18 | 2 years
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-03 - 2022-11-02 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-27 - 2023-02-27 | a year
k-aus1.clicktale.net | Amazon | 2021-09-17 - 2022-10-16 | a year
a.clarity.ms | Microsoft Azure TLS Issuing CA 02 | 2022-06-07 - 2023-06-02 | a year

This page contains 3 frames:

Primary Page: https://threatintelligence.guardicore.com/domain/as13285.net
Frame ID: CE2C63209CBEBB6078233B5824510EF3
Requests: 118 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: E7F7663B9529B6AE4A747A6D0ECE435E
Requests: 1 HTTP request in this frame

Frame: https://20838322p.rfihub.com/ca.html?ver=9&rb=45812&ca=20838322&_o=45812&_t=20838322&pe=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&pf=&ra=6035587972015592
Frame ID: C090B582F0F321E828D3A5E3155E1506
Requests: 19 HTTP requests in this frame

Page Title

Discover Malicious Domains - Cyber Threat Intelligence | Guardicore

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 138
HTTPS: 91 %
IPv6: 34 %
Domains: 43
Subdomains: 64
IPs: 56
Countries: 5
Transfer: 1180 kB
Size: 2718 kB
Cookies: 66

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=257082&time=1655211431814&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D257082%26time%3D1655211431814%26url%3Dhttps%253A%252F%252Fthreatintelligence.guardicore.com%252Fdomain%252Fas13285.net%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=257082&time=1655211431814&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=257082&time=1655211431814&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&liSync=true&e_ipv6=AQKbpx-SprFfEgAAAYFiShlYxViFOp2D4MHoDleh2Rql365K47bs0bxF5KoxZlQTiXXF2oSe
Request Chain 77
  • https://secure.adnxs.com/seg?add=29539393&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29539393%26t%3D1
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQyMTQwMTI3Mzg2Ng==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN5IDa5RKx_d0ip_vJuzZDA&google_cver=1
Request Chain 98
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455421401273866&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455421401273866&redir=
Request Chain 99
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5134455421401273866&bid=omt9pi0
Request Chain 102
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455421401273866&referrer=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=58ef27b3-02f1-464f-9119-a18827efcc12%3A1655211431.92&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D58ef27b3-02f1-464f-9119-a18827efcc12%253A1655211431.92 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=58ef27b3-02f1-464f-9119-a18827efcc12%3A1655211431.92
Request Chain 104
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455421401273866&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455421401273866&forward=&C=1
Request Chain 107
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455421401273866&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455421401273866&img=1&__user_check__=1&sync_id=821c702e-ebe1-11ec-a910-17f3d7a10306
Request Chain 111
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455421401273866&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455421401273866&expires=30
Request Chain 112
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YqiFqAAIx1oZVwAj HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YqiFqAAIx1oZVwAj&_test=YqiFqAAIx1oZVwAj
Request Chain 125
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=186529CFE6CF4031B55665299E21DD60&RedC=c.clarity.ms&MXFR=3B4DA4CC30B969751F2DB50F34B9675C HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=186529CFE6CF4031B55665299E21DD60&MUID=120347BC6D416A531994567F6C2A6B35

138 HTTP transactions

Resource Hash
720872015ac2c9a42547671bb230c25f8b2550e6784eb973682f77f498d6a0d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdst6qNEWVt3D-6DHMVFLufqiCgh49TxUMYrPBy7KmnuO-f3cLl9GxLffgzzrN7E0QBWbifj1wThQ6e67tMbwF7mANwnc_JK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1442
last-modified
Thu, 17 Sep 2020 07:35:56 GMT
server
UploadServer
etag
"429a544a32f52a4c5b63487f0452a42d"
x-goog-hash
crc32c=dUXGIw==, md5=QppUSjL1KkxbY0h/BFKkLQ==
x-goog-generation
1600328156213709
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
1442
accept-ranges
bytes
content-type
text/css
expires
Tue, 14 Jun 2022 13:57:11 GMT
tags.css
threatintelligence.guardicore.com/css/
5 KB
824 B
Stylesheet
General
Full URL
https://threatintelligence.guardicore.com/css/tags.css
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a8b9203ac85de30d28fed5df1eb9f1066cedded1392a2b2def010a9dff3694ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdsYu6u0ZBBA3hvyMpZKpCbkcmbs0AliNDMqK47CvrvYNOnJnNw1K6yCblRFkcjffEP6xEYI27il0lCQQd6kS0oM7g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
573
last-modified
Thu, 17 Sep 2020 07:35:57 GMT
server
UploadServer
etag
"6a10f3370fe5d5d9a50e9b61f785fd75"
x-goog-hash
crc32c=KvMsnQ==, md5=ahDzNw/l1dmlDpth94X9dQ==
x-goog-generation
1600328157296692
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
573
accept-ranges
bytes
content-type
text/css
expires
Tue, 14 Jun 2022 13:57:11 GMT
popup.css
threatintelligence.guardicore.com/css/
2 KB
702 B
Stylesheet
General
Full URL
https://threatintelligence.guardicore.com/css/popup.css
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bc21035616818a7d3a71f2448f311fe519d26158f8d9765ffb480d7a5d3dbe48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvSbs6MiEhzY3tZBPEBQN8keYo89bSF2gbWRdUHM6JRD8Ax87AGvEOii7KKeQ1o9hTIjeNPH0qW1xlHYS4BP_epZQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
last-modified
Thu, 17 Sep 2020 07:35:53 GMT
server
UploadServer
etag
"836e676c8c66ccdedaa2993da5f174e1"
x-goog-hash
crc32c=gp9SRg==, md5=g25nbIxmzN7aopk9pfF04Q==
x-goog-generation
1600328153020267
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
446
accept-ranges
bytes
content-type
text/css
expires
Tue, 14 Jun 2022 13:57:11 GMT
flags-sprites-24-@2x.css
threatintelligence.guardicore.com/css/
19 KB
2 KB
Stylesheet
General
Full URL
https://threatintelligence.guardicore.com/css/flags-sprites-24-@2x.css
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
76b8f7b86078b0f420732de1f4dbb242bc73d2b2683c3d3fe5ecdd9f7ded7249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvQqRgwbTjgGK5yrbNiSYr-gWXgZ9v2kAJZebCuUNTRa3-fhQ0LoWsfKnYILd1nfQq--jwoch4wsBy25wwCA_G37VCCiezC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1468
last-modified
Thu, 17 Sep 2020 07:35:39 GMT
server
UploadServer
etag
"341fd4d634a86b7203b36b0971617ca6"
x-goog-hash
crc32c=y05Vng==, md5=NB/U1jSoa3IDs2sJcWF8pg==
x-goog-generation
1600328139828346
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
1468
accept-ranges
bytes
content-type
text/css
expires
Tue, 14 Jun 2022 13:57:11 GMT
blank.gif
threatintelligence.guardicore.com/images/
43 B
69 B
Image
General
Full URL
https://threatintelligence.guardicore.com/images/blank.gif?crc=4208392903
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
age
0
x-guploader-uploadid
ADPycdsdf2MhakfcvsmwmdKCPXzKZhxLFJhaV6yRtJ9p-Jt832C7JYWr3NnPSeNbnMe50IaWMyefpa6yhJ6gAKIJvjG5YWzcSmLg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Thu, 17 Sep 2020 07:25:42 GMT
server
UploadServer
etag
"325472601571f31e1bf00674c368d335"
x-goog-hash
crc32c=00kvXg==, md5=MlRyYBVx8x4b8AZ0w2jTNQ==
x-goog-generation
1600327542507743
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
expires
Tue, 14 Jun 2022 13:57:11 GMT
require.js
threatintelligence.guardicore.com/scripts/
16 KB
6 KB
Script
General
Full URL
https://threatintelligence.guardicore.com/scripts/require.js?crc=7928878
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8cf4f67a4230fd3c6cb85bfb88257803cb7d1ff489e75ec6fa79cb8db7193ac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdtKNvn6lnJMV4w4-QnnktLp6_BRwWTNxa-4SBkyIV-6cB094x0cbAttfWNeGxvFN4Wga08nNA2XFSedNiRXGoNgDmMANZhO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6614
last-modified
Thu, 17 Sep 2020 07:28:28 GMT
server
UploadServer
etag
"34a46fa6ec6840e06545268d70628709"
x-goog-hash
crc32c=vCsQKg==, md5=NKRvpuxoQOBlRSaNcGKHCQ==
x-goog-generation
1600327708295570
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
6614
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:11 GMT
popup.js
threatintelligence.guardicore.com/scripts/
1 KB
448 B
Script
General
Full URL
https://threatintelligence.guardicore.com/scripts/popup.js
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bb42d64ef62cf0f4d510d3565bf1ed005bce5d94b64452173dffc5c5210f9cc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycduAtny_t0MN5eimGPt2UUjw8q99sB_tRyHJuldQvi5b47_j-ZlL_acxpRwm2IweTFXTdIOBg20jfia35ShgxQsWww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
420
last-modified
Thu, 17 Sep 2020 07:28:25 GMT
server
UploadServer
etag
"e1b312e2e029a3903e91d724234268f6"
x-goog-hash
crc32c=/zboOQ==, md5=4bMS4uApo5A+kdckI0Jo9g==
x-goog-generation
1600327705260309
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
420
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:11 GMT
E-ayi6FIB4gmelUXeWP2opDYK1gi0oTmFyPPQpSmaRvfentgfHzFk3IPH2wDwD9tFQBL5QiK52ZcFRMUZcJUjRJaF2BqjAjXwAbajRM3jQy8FDq-APG0ZamyScsTjhNkZPoRdhXCHKoE-WZzOcFzOc8COeiujW4q-AFzSc90jhNlOYiaiko1iABkZe8Rda48OcFzd...
use.typekit.net/ik/
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/ik/E-ayi6FIB4gmelUXeWP2opDYK1gi0oTmFyPPQpSmaRvfentgfHzFk3IPH2wDwD9tFQBL5QiK52ZcFRMUZcJUjRJaF2BqjAjXwAbajRM3jQy8FDq-APG0ZamyScsTjhNkZPoRdhXCHKoE-WZzOcFzOc8COeiujW4q-AFzSc90jhNlOYiaiko1iABkZe8Rda48OcFzdPUaiaS0pc8hdkoRdkoTdfUE-WZzOcFzOc8CJ6sCjWszH6qJaYGbMg6IJMJ7fbRZpyMMeMS6MKG4fFsEIMMjfPMfP6sFiWF8qMeAqdVngb.js
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd3e41382db90f4060cfce77efc89a23ef6c4d65047d3a234c1e4dff045ece58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Tue, 14 Jun 2022 12:57:11 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6670
gtm.js
www.googletagmanager.com/
309 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64ec834380337942f3850c77285c12101fb5ed1194a551de5f8fda43e65bf854
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86433
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Jun 2022 12:57:11 GMT
Graphik-Regular-Web.woff2
threatintelligence.guardicore.com/fonts/
36 KB
36 KB
Font
General
Full URL
https://threatintelligence.guardicore.com/fonts/Graphik-Regular-Web.woff2
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/fonts/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6967697799a1a3fc3be15926cc5725b4c614549d3c3ad8c50d9ee0b2644f369a

Request headers

Referer
https://threatintelligence.guardicore.com/fonts/fonts.css
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
age
0
x-guploader-uploadid
ADPycds6ZxT6mPrDpEHDBvYlyQk3E4LM2QeHZ8giLgsPe8jKceQ9CdeWILkw0OLkerKMBt2i7MbXKAZso5U4FD-CNhi5FzK5Yqn5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36525
last-modified
Thu, 17 Sep 2020 07:36:32 GMT
server
UploadServer
etag
"9c320f3de61ffb2fe9070e6150c1e115"
x-goog-hash
crc32c=LIIvXA==, md5=nDIPPeYf+y/pBw5hUMHhFQ==
x-goog-generation
1600328192543349
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
36525
accept-ranges
bytes
content-type
application/octet-stream
expires
Tue, 14 Jun 2022 13:57:11 GMT
baseline-search-24px.svg
threatintelligence.guardicore.com/images/
696 B
724 B
Image
General
Full URL
https://threatintelligence.guardicore.com/images/baseline-search-24px.svg
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/css/extra.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f9bb56b6211100609672da98b243c0eccb62c86d3866ed02d1978b45f3f48e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/css/extra.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
age
0
x-guploader-uploadid
ADPycdtA68WzSo67SyVNWEhs6MWElZGZRbdYthxpwDdPScOL0Ne2pI3Qi_pkVtJm70rnqFBKqjG_NUZAggyPxTTtoOCJQ6hKVrkM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
696
last-modified
Thu, 17 Sep 2020 07:25:40 GMT
server
UploadServer
etag
"5f05403da569bc26a61ce8c6cdbb1500"
x-goog-hash
crc32c=0aFAUA==, md5=XwVAPaVpvCamHOjGzbsVAA==
x-goog-generation
1600327540146797
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
696
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 14 Jun 2022 13:57:11 GMT
linebgtrans.svg
threatintelligence.guardicore.com/images/
543 B
576 B
Image
General
Full URL
https://threatintelligence.guardicore.com/images/linebgtrans.svg?crc=12341277
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/css/master_a-master.css?crc=3795897440
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a9e637a2b461bfda79572b19ac25821e873b2805e66cc1b7e412be5587ebb78f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/css/master_a-master.css?crc=3795897440
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
age
0
x-guploader-uploadid
ADPycduXl1qa8ZRhpkzBXwx_dA16q1CvWfPSPRB5DFORIG4O4Qg-pHQ4V7Ju8oIC4EngP8Ryz141gCmtgIDmQTYoezUuoU5-A_cE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
543
last-modified
Thu, 17 Sep 2020 07:27:08 GMT
server
UploadServer
etag
"1094ceae640b37b17dd1a6fc8e5e6ac2"
x-goog-hash
crc32c=Wp3acA==, md5=EJTOrmQLN7F90ab8jl5qwg==
x-goog-generation
1600327628204997
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
543
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 14 Jun 2022 13:57:11 GMT
Graphik-Bold-Web.woff2
threatintelligence.guardicore.com/fonts/
37 KB
37 KB
Font
General
Full URL
https://threatintelligence.guardicore.com/fonts/Graphik-Bold-Web.woff2
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/fonts/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
05c18ebd88d804db7eb7c2f9907d9fcea7f3922a7920beb591d647134fd05ddb

Request headers

Referer
https://threatintelligence.guardicore.com/fonts/fonts.css
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
age
0
x-guploader-uploadid
ADPycdvauq1HCW1mrLXUtulL_Rv8yVd7wz_XnxVmkLrATfeW4CJTIxSO2TncYbCOkkO-IoJLHtJHe7Tx6VZgklHtGWomnspZnRBD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37813
last-modified
Thu, 17 Sep 2020 07:36:14 GMT
server
UploadServer
etag
"594d034f268dbbd2a78294287b3b3ceb"
x-goog-hash
crc32c=JPMldA==, md5=WU0DTyaNu9KngpQoezs86w==
x-goog-generation
1600328174558523
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
37813
accept-ranges
bytes
content-type
application/octet-stream
expires
Tue, 14 Jun 2022 13:57:11 GMT
Graphik-RegularItalic-Web.woff2
threatintelligence.guardicore.com/fonts/
38 KB
38 KB
Font
General
Full URL
https://threatintelligence.guardicore.com/fonts/Graphik-RegularItalic-Web.woff2
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/fonts/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7b4c47b439d9a25e184671127d1aa619065edba8f4e7de808e541319912ad6cd

Request headers

Referer
https://threatintelligence.guardicore.com/fonts/fonts.css
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
age
0
x-guploader-uploadid
ADPycdsNNmUHVSXlfbwuqYYG9OaMOmU7RcasToY2N0PrxbDx6HdjA6gb1EQd_FMzx_FLb4cR0In1C1VfA6SE31DscIkUQRX6CzM1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38801
last-modified
Thu, 17 Sep 2020 07:36:34 GMT
server
UploadServer
etag
"fcbc4244b778bad2dc291d93c5563e6f"
x-goog-hash
crc32c=P4CJgg==, md5=/LxCRLd4utLcKR2TxVY+bw==
x-goog-generation
1600328194789834
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
38801
accept-ranges
bytes
content-type
application/octet-stream
expires
Tue, 14 Jun 2022 13:57:11 GMT
Graphik-Medium-Web.woff2
threatintelligence.guardicore.com/fonts/
35 KB
35 KB
Font
General
Full URL
https://threatintelligence.guardicore.com/fonts/Graphik-Medium-Web.woff2
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/fonts/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
152c54863c7eebf832dccc95eba068ce3b79ea0f4b97e620c5cc3441094dcdce

Request headers

Referer
https://threatintelligence.guardicore.com/fonts/fonts.css
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
age
0
x-guploader-uploadid
ADPycdu5-QKxHald86PUZ9gWRrXi1bEspGv739ocxNhKm4zFHHePm9MDTTmUvUafo96PstZxsuK47bqnJgyklKehRsqunYnpRC2_
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35489
last-modified
Thu, 17 Sep 2020 07:36:28 GMT
server
UploadServer
etag
"00f5ccc07a40954f32d42a701ed0a3d7"
x-goog-hash
crc32c=hh42HA==, md5=APXMwHpAlU8y1CpwHtCj1w==
x-goog-generation
1600328188151639
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
35489
accept-ranges
bytes
content-type
application/octet-stream
expires
Tue, 14 Jun 2022 13:57:11 GMT
jquery-1.8.3.min.js
threatintelligence.guardicore.com/scripts/
91 KB
33 KB
Script
General
Full URL
https://threatintelligence.guardicore.com/scripts/jquery-1.8.3.min.js?crc=209076791
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdt8f_UwxH631wnj04ap-lQiDr27SazUySYAVEpKNthgsIfgnxU7GO07ZAD8Pl3mUpIVO0nJe2QHl9_lschFKenb3NXG9akH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33419
last-modified
Thu, 17 Sep 2020 07:27:51 GMT
server
UploadServer
etag
"a9281c5a28191487700bede194d7fc5e"
x-goog-hash
crc32c=lmbUgw==, md5=qSgcWigZFIdwC+3hlNf8Xg==
x-goog-generation
1600327671117633
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
33419
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:11 GMT
cover.png
threatintelligence.guardicore.com/images/
72 KB
72 KB
Image
General
Full URL
https://threatintelligence.guardicore.com/images/cover.png?crc=4020104822
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/css/master_a-master.css?crc=3795897440
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
34c5f4f7391d2f69bae170eac178514ef77765365ff014b9bddae8e6c1818c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/css/master_a-master.css?crc=3795897440
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
x-guploader-uploadid
ADPycdtVJIEwZnByRd4lq48Lzu9Y_AYR1aqSLogLLVj6SGG68wUaHBXCqk43sXxBeRax-zVOF0J-UDDs_gXpxfjF8UJJ2Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73222
last-modified
Thu, 17 Sep 2020 07:26:12 GMT
server
UploadServer
etag
"6221d55bb62a125cdeb6bc5d54e1461c"
x-goog-hash
crc32c=/DETMw==, md5=YiHVW7YqElzetrxdVOFGHA==
x-goog-generation
1600327572713652
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
73222
accept-ranges
bytes
content-type
image/png
expires
Tue, 14 Jun 2022 13:57:11 GMT
flags-sprites-48.png
threatintelligence.guardicore.com/images/
121 KB
121 KB
Image
General
Full URL
https://threatintelligence.guardicore.com/images/flags-sprites-48.png
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/css/flags-sprites-24-@2x.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e4ac8f1b665a199c315d346804124f4ae558fa0d5753c511bac0a492c7b9b2a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/css/flags-sprites-24-@2x.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
age
0
x-guploader-uploadid
ADPycds-bX2jQx4dLJBdDlaxo-p-X6HWD_RM_OeEngFh7WRu73vzViLQZ2HgHU22mcNYW0Od67bMMa1vJHhJiHXSrNNXXXTp9Rbj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123984
last-modified
Thu, 17 Sep 2020 07:26:54 GMT
server
UploadServer
etag
"b512842520c8d4135de57a77f3a57a9b"
x-goog-hash
crc32c=JiJbmw==, md5=tRKEJSDI1BNd5Xp386V6mw==
x-goog-generation
1600327614701385
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
123984
accept-ranges
bytes
content-type
image/png
expires
Tue, 14 Jun 2022 13:57:11 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:07:14 GMT
x-content-type-options
nosniff
age
589797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:07:14 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:07:14 GMT
x-content-type-options
nosniff
age
589797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:07:14 GMT
l
use.typekit.net/af/180254/00000000000000000001522c/27/
26 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/180254/00000000000000000001522c/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fb7238a43d12d8c6c8e5be18fce5569a7941caa2a7fc6f3d4843330cb541a3c1

Request headers

Referer
https://threatintelligence.guardicore.com/
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
server
nginx
etag
"909ee432889be3d6b7b685624c2e329c0282c6d6"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26508
l
use.typekit.net/af/220823/000000000000000000015231/27/
26 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/220823/000000000000000000015231/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
eec62cb204dddbd71f19fe41f6f83588dafbc619df65da7f350a13a2ae50d992

Request headers

Referer
https://threatintelligence.guardicore.com/
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
server
nginx
etag
"ae3aa0c0f4e3656c3ef5aeb2faa36739e125fa8b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26180
l
use.typekit.net/af/50d55e/000000000000000000015235/27/
24 KB
25 KB
Font
General
Full URL
https://use.typekit.net/af/50d55e/000000000000000000015235/27/l?subset_id=2&fvd=n9&v=3
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
08fd9e8c52c6f750e18a7c9f539a7d9be2bb1bb68df9662c6815b499f8b21fc7

Request headers

Referer
https://threatintelligence.guardicore.com/
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
server
nginx
etag
"5413ae565d5208d6188f478ccf3966e687bb19d2"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24932
l
webfonts.creativecloud.com/c/77e921/1w;lato,2,c0x:W:n7/
31 KB
24 KB
Stylesheet
General
Full URL
https://webfonts.creativecloud.com/c/77e921/1w;lato,2,c0x:W:n7/l
Requested by
Host: webfonts.creativecloud.com
URL: https://webfonts.creativecloud.com/lato:n7:default.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.58.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-58-227.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d12772f015c117c9ef3526827bc887dc7be275c1e331b43ed9daf180090abcda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Server
nginx
Date
Tue, 14 Jun 2022 12:57:11 GMT
Vary
Accept-Encoding
Content-Type
text/css;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
24232
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1773d4fa83b8d609e687a59428ddf813256bc2ebdc27de4f5ea04f788c984934

Request headers

Referer
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
font/opentype
p.gif
p.typekit.net/
35 B
214 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=2&k=3335851_97b86f601fb1b2741daf41d7b00a8e79&ht=tk&h=threatintelligence.guardicore.com&f=15708.15705.15700&a=3335851&js=1.21.0&app=muse&e=js&_=1655211431616
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53878132-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2283
date
Tue, 14 Jun 2022 12:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 14 Jun 2022 14:19:08 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15069
x-xss-protection
0
server
cafe
etag
11223643544955582496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Jun 2022 12:57:11 GMT
hotjar-1548397.js
static.hotjar.com/c/
7 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1548397.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-12.fra50.r.cloudfront.net
Software
/
Resource Hash
5bb16e409fa4ce1885ad666980411b096b353f25f6ae442d14de96e53bc97fee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/6c20d708e7e7e889912224b12988a299
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
uVWFEclu8wRlYgwV3mPvgp1Cj3wPfBz8uWBDIzBw3oM-sTJtbGkidA==
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
662
Date
Tue, 14 Jun 2022 12:57:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
0
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=18255
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2db6493cc4a606dd658a7859c64d725083e1c463b38005a761bab49d9cf27d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 22:16:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 166FFA7909AE4B5C926C93B7FB5B4075 Ref B: FRAEDGE1416 Ref C: 2022-06-14T12:57:11Z
etag
"80ead641737fd81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 14 Jun 2022 12:57:11 GMT
accept-ranges
bytes
content-length
11353
uwt.js
static.ads-twitter.com/
49 KB
14 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05448e9440e5f8a66395d7d66a9bfcb9614a80e4e181f6347cd742ec36725ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 18:52:59 GMT
etag
"90b3a450b1a5741eca2aac717f3ebbc2+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
13714
x-served-by
cache-iad-kjyo7100079-IAD, cache-muc13952-MUC
fbevents.js
connect.facebook.net/en_US/
100 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
0IegVuXuSXy2MUvcxagIlbTMC5wjTroOX5o6WyDw79YM/TllxHY9SUW9+jNvxYhA5tV5fAIXJcKDQ/0LaK/YXA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Tue, 14 Jun 2022 12:57:11 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
6si.min.js
j.6sc.co/
31 KB
10 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9715
Pragma
no-cache
Last-Modified
Thu, 05 May 2022 03:45:17 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6273484d-7b02"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Tue, 14 Jun 2022 12:57:11 GMT
e350bd80-906f-4349-a98a-f169d8f157c0.js
cdnssl.clicktale.net/www14/ptc/
306 KB
56 KB
Script
General
Full URL
https://cdnssl.clicktale.net/www14/ptc/e350bd80-906f-4349-a98a-f169d8f157c0.js
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:898::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66dfc15969f4f91b80b386cbe48b2d61d91a145c9a8517e590ffb086592a0a47

Request headers

Referer
https://threatintelligence.guardicore.com/
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
JICvqPSJfUQcZYL69ggCJ6ZUrKXVkxsT
content-encoding
br
last-modified
Thu, 09 Jun 2022 13:38:02 GMT
server
AmazonS3
x-amz-request-id
2FAXVZ3JEVWJ23V9
etag
"4a969ae110b3ed8f7fb334d82375cfd7"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
date
Tue, 14 Jun 2022 12:57:11 GMT
accept-ranges
bytes
content-length
56590
x-amz-id-2
nk7w8xFuwRuVwqdEoUjbFTW/mXpHxbX5fI4FIfkh/ur/Z5G/cfVEOQG7pc+8Lut0sqJ0/ome754=
expires
Tue, 14 Jun 2022 13:07:11 GMT
sync
live.rezync.com/
1 KB
2 KB
Script
General
Full URL
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=fa186be0f88bdbcc339b68231317e0f1&k=akamai-pixel-9641&zmpID=akamai
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-68.fra50.r.cloudfront.net
Software
lighttpd/1.4.33 /
Resource Hash
0d7586e26e12584c47071b17ec66db992eee435ee38135f15dd80585f73e7b42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
server
lighttpd/1.4.33
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
1405
x-amz-cf-id
jXWwCE8UX1rPXyrnQEQalqIN5gTBAVsG5EJVp4GVJ0P4v2w3qcSdZg==
museconfig.js
threatintelligence.guardicore.com/domain/scripts/
2 KB
993 B
Script
General
Full URL
https://threatintelligence.guardicore.com/domain/scripts/museconfig.js?crc=310584261
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/scripts/require.js?crc=7928878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b20881a794dc4a1a893e0e50ff0b60333438173560926182a94973040bcce5c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycduaE-ECnXNTXWfCYsuKAtXvsYQqTMfMU2UU3389XhNvNYBQ1jxNNN-Jekyrnwfi77DBcxeKJInMS9cdFV5sZzO21bVbZ25s
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
956
last-modified
Thu, 17 Sep 2020 07:28:11 GMT
server
UploadServer
etag
"e197685956d9da529d23ac08f818388f"
x-goog-hash
crc32c=o+PMGQ==, md5=4ZdoWVbZ2lKdI6wI+Bg4jw==
x-goog-generation
1600327691857956
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
956
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:11 GMT
260002655494040
connect.facebook.net/signals/config/
290 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/260002655494040?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ead665cca9b9cea532970dcb5f0aae29d892a53a19206b57b3a956787626472
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84904
x-xss-protection
0
pragma
public
x-fb-debug
p46H7FdY8/SKB36NnfW+B5xt10okk2HUDgDKH7j0MiOEDytqgoWdvTtnuNKOx0fYqomlPf/j1URSOumeAEScNA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 14 Jun 2022 12:57:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=257082&time=1655211431814&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D257082%26time%3D1655211431814%26url%3Dhttps%253A%252F%252Fthreatintelligence.guar...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=257082&time=1655211431814&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=257082&time=1655211431814&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&liSync=true&e_ipv6=AQKbpx-SprFfEgAAAYFiShlYx...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=257082&time=1655211431814&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&liSync=true&e_ipv6=AQKbpx-SprFfEgAAAYFiShlYxViFOp2D4MHoDleh2Rql365K47bs0bxF5KoxZlQTiXXF2oSe
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 108CDE5361DF4B3B9A42EF0C78CA7351 Ref B: VIEEDGE1107 Ref C: 2022-06-14T12:57:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhZ/F1kYCPqi7lS4jauw==
x-li-fabric
prod-lva1

Redirect headers

date
Tue, 14 Jun 2022 12:57:11 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A94F175C99A84C1D9EB2B512A4945DEC Ref B: VIEEDGE1614 Ref C: 2022-06-14T12:57:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=257082&time=1655211431814&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&liSync=true&e_ipv6=AQKbpx-SprFfEgAAAYFiShlYxViFOp2D4MHoDleh2Rql365K47bs0bxF5KoxZlQTiXXF2oSe
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhZ/Fyc199ccb3iptniA==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=408226138&t=pageview&_s=1&dl=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&ul=en-us&de=UTF-8&dt=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1322225896&gjid=391574403&cid=322816328.1655211432&tid=UA-53878132-1&_gid=644992957.1655211432&_r=1&gtm=2ou6d0&z=1418614151
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatintelligence.guardicore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=408226138&t=pageview&_s=1&dl=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&ul=en-us&de=UTF-8&dt=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=973163896&gjid=1490094392&cid=322816328.1655211432&tid=UA-53878132-1&_gid=644992957.1655211432&_r=1&gtm=2wg6d0WDRGX6B&cd1=0.8065722198274949_1655211431774&z=837938201
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatintelligence.guardicore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuidj
secure.adnxs.com/
11 B
723 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Jun 2022 12:57:11 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1769d752-e716-4757-b5db-8649be6888ba
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatintelligence.guardicore.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
47 B
389 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d222dde19b6afaf913c95df346dd74bd0aaab1a8c84457c9f6097420c453724b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:11 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://threatintelligence.guardicore.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
47
/
ipv6.6sc.co/
20 B
267 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:1b1::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d45fdf57e5fd666b1ff640d125a0f6e7a8edfac5055af0885b29ff442d85007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:11 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://threatintelligence.guardicore.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a03:1b20:6:f011::2e
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
20
expires
Tue, 14 Jun 2022 12:57:11 GMT
e350bd80-906f-4349-a98a-f169d8f157c0.js
cdnssl.clicktale.net/ptc/
24 KB
7 KB
Script
General
Full URL
https://cdnssl.clicktale.net/ptc/e350bd80-906f-4349-a98a-f169d8f157c0.js
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www14/ptc/e350bd80-906f-4349-a98a-f169d8f157c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:898::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a5285f0fd71462a39e54208af7474d421224c99a1691443dabac63c4c9196f

Request headers

Referer
https://threatintelligence.guardicore.com/
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
82pbIkrmKjNrO25cCexK9aklbwG0jsN2
content-encoding
br
last-modified
Mon, 20 Dec 2021 17:25:05 GMT
server
AmazonS3
x-amz-request-id
A9WAV8G890GJ25DR
etag
"9fb813cfa0e828a5851882b774a1991b"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
date
Tue, 14 Jun 2022 12:57:11 GMT
accept-ranges
bytes
content-length
6311
x-amz-id-2
LcNTA99YyWuY1AIUc7N+Brdj/JErq2WhTVys4/3lf8fkCGoxU2y7E95EN1Uh9Ax1W62J42lmtmo=
expires
Tue, 14 Jun 2022 13:07:11 GMT
modules.b871a939666125f20d79.js
script.hotjar.com/
243 KB
63 KB
Script
General
Full URL
https://script.hotjar.com/modules.b871a939666125f20d79.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1548397.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-5.fra50.r.cloudfront.net
Software
/
Resource Hash
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 08:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
446705
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
64109
access-control-allow-origin
*
last-modified
Thu, 09 Jun 2022 08:51:29 GMT
etag
"a7a5f230aae7accf37f785c6590c07fa"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
wbBq-iNUbYHWsqcPTOBOLDu0VO-KvXGf-VI6v0Te2XZs4_vXuceUbg==
dcc0a081-3114-4a58-b168-a629da15cbf5
https://threatintelligence.guardicore.com/
6 KB
0
Other
General
Full URL
blob:https://threatintelligence.guardicore.com/dcc0a081-3114-4a58-b168-a629da15cbf5
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8254f2577a38c005e4ccbdb175fc8ba7b70992c89580d832736983c937ac9e78

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length
6483
Content-Type
application/javascript
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=260002655494040&ev=PageView&dl=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&rl=&if=false&ts=1655211431941&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655211431940.466231677&it=1655211431811&coo=false&rqm=GET
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 14 Jun 2022 12:57:11 GMT
25022092.js
bat.bing.com/p/action/
219 B
475 B
Script
General
Full URL
https://bat.bing.com/p/action/25022092.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fbaa041d05eaaef4f0ca152dd9748288c1e364be2bdb2db6d6e817d9f3e99a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 491329839BC94FBEBAAA6FD26C1B0A28 Ref B: FRAEDGE1416 Ref C: 2022-06-14T12:57:11Z
date
Tue, 14 Jun 2022 12:57:11 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
300
0
bat.bing.com/action/
0
176 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=25022092&tm=gtm002&Ver=2&mid=df15bbb1-4bda-4516-ac32-40287ab29af6&sid=81cc4ed0ebe111ec9464cd9ceb1d7038&vid=81cc77d0ebe111ec9f167129641a9bcd&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&kw=Threat%20feed,%20cyber%20intelligence,%20vulnerabilities,%20network%20scanner,%20malicious%20domains,%20,%20as13285.net&p=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&r=&lt=1031&evt=pageLoad&msclkid=N&sv=1&rn=239251
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BE8DCCC70AD64769ACF623CFE1AD31B1 Ref B: FRAEDGE1416 Ref C: 2022-06-14T12:57:11Z
date
Tue, 14 Jun 2022 12:57:11 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=7b0ebf2a-4c10-495f-8836-73f21de712a6&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3A6%3Af011%3A%3A2e%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Guardicore%20Threat%20Intelligence%20website%20supplies%20unique%20information%20on%20the%20domain%20as13285.net.%20The%20data%20contains%20information%20derived%20from%20Guardicore%20Centra.%22%2C%22keywords%22%3A%22Threat%20feed%2C%20cyber%20intelligence%2C%20vulnerabilities%2C%20network%20scanner%2C%20malicious%20domains%2C%20%2C%20as13285.net%22%2C%22title%22%3A%22Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&pageViewId=8a485809-f40f-4185-8593-89410dac6767
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:12 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf10-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=7b0ebf2a-4c10-495f-8836-73f21de712a6&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A11%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Guardicore%20Threat%20Intelligence%20website%20supplies%20unique%20information%20on%20the%20domain%20as13285.net.%20The%20data%20contains%20information%20derived%20from%20Guardicore%20Centra.%22%2C%22keywords%22%3A%22Threat%20feed%2C%20cyber%20intelligence%2C%20vulnerabilities%2C%20network%20scanner%2C%20malicious%20domains%2C%20%2C%20as13285.net%22%2C%22title%22%3A%22Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&pageViewId=8a485809-f40f-4185-8593-89410dac6767&an_uid=0
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:12 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e15-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/?random=1655211431958&cv=9&fst=1655211431958&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&tiba=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f222a874145b9a766ee309ffb58573ee3afdd006212f4b94ae52aa28be3fea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1067
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/?random=1655211431960&cv=9&fst=1655211431960&num=1&label=pT43CNz7jXIQ2ZeklQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&tiba=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
807f8f2f3e26d32f840db6081ac9a4dc9a728ef1686ef8900063974d240bf92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
454 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53878132-1&cid=322816328.1655211432&jid=973163896&gjid=1490094392&_gid=644992957.1655211432&_u=YEDAAUABAAAAAC~&z=775567001
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 14 Jun 2022 12:57:12 GMT
content-type
text/plain
access-control-allow-origin
https://threatintelligence.guardicore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53878132-1&cid=322816328.1655211432&jid=1322225896&gjid=391574403&_gid=644992957.1655211432&_u=YEBAAUAAAAAAAC~&z=2029544770
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 14 Jun 2022 12:57:12 GMT
content-type
text/plain
access-control-allow-origin
https://threatintelligence.guardicore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
e350bd80-906f-4349-a98a-f169d8f157c0.js
cdnssl.clicktale.net/pcc/
14 KB
5 KB
Script
General
Full URL
https://cdnssl.clicktale.net/pcc/e350bd80-906f-4349-a98a-f169d8f157c0.js?DeploymentConfigName=Release_20211214&Version=2
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/e350bd80-906f-4349-a98a-f169d8f157c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:898::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a24e154269eae3effd30e60482a21294c5e00ec920a04c8066c48bd37a6fbc74

Request headers

Referer
https://threatintelligence.guardicore.com/
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
cY277vbaJoRo58ZT0BflGTlCFrnu7ELY
content-encoding
br
last-modified
Mon, 20 Dec 2021 17:25:05 GMT
server
AmazonS3
x-amz-request-id
WBR83SX113TDCJRC
etag
"6fa415e80451ad1ea39e6e3ff122e70c"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 14 Jun 2022 12:57:11 GMT
accept-ranges
bytes
content-length
4372
x-amz-id-2
IBEYlRLSiHxSv1cQ5yiTxjr3131Z81Zxp89cv59C23Gum7dPaSoWXMSoepzNQGlQojfOrpjhVtM=
expires
Wed, 14 Jun 2023 12:57:11 GMT
bridge-WR110.js
cdnssl.clicktale.net/www/
6 KB
6 KB
Script
General
Full URL
https://cdnssl.clicktale.net/www/bridge-WR110.js
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/e350bd80-906f-4349-a98a-f169d8f157c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:898::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
434955a763b57088c65c34f23f27250be4f8d1cb3bf27882a181d240662b2b0f

Request headers

Referer
https://threatintelligence.guardicore.com/
Origin
https://threatintelligence.guardicore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
aKQ55zwgJLXFs3hyWCcJxFKZlz56Awuf
last-modified
Tue, 18 Jan 2022 11:48:03 GMT
server
AmazonS3
x-amz-request-id
77WEFR6Y34BVQTHG
etag
"f5242e0b2a8fc183ac2d4f48cb85dc0e"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
date
Tue, 14 Jun 2022 12:57:11 GMT
accept-ranges
bytes
content-length
6107
x-amz-id-2
ezGRcI2bnqXr74RW7CgCG594WJjsqkrPh9cPn1LIkLg0LdccR6IzC9T0dV3gPSa/+0WqWP0t1wE=
expires
Wed, 15 Jun 2022 12:57:11 GMT
jquery-1.8.3.min.js
threatintelligence.guardicore.com/domain/scripts/
91 KB
33 KB
Script
General
Full URL
https://threatintelligence.guardicore.com/domain/scripts/jquery-1.8.3.min.js?crc=209076791
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/scripts/require.js?crc=7928878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvTreOQBazUQqq6ewbenKin3FDv8UN6jOrhqBusR9Y-Smwkqt8dr-yEho8s1t9k93RCf2J6QsSj_tRVWS0yyJ7ehxxkpl6w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33419
last-modified
Thu, 17 Sep 2020 07:27:53 GMT
server
UploadServer
etag
"a9281c5a28191487700bede194d7fc5e"
x-goog-hash
crc32c=lmbUgw==, md5=qSgcWigZFIdwC+3hlNf8Xg==
x-goog-generation
1600327673290410
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
33419
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:12 GMT
museutils.js
threatintelligence.guardicore.com/domain/scripts/
60 KB
17 KB
Script
General
Full URL
https://threatintelligence.guardicore.com/domain/scripts/museutils.js?crc=4250906080
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/scripts/require.js?crc=7928878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ea2f287c35fe444e9706382eff9c9c98c4e5f839b7050400b7a69f375e5e8aa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdt8Md0ra3MvPo7nvi_o26xwo0ihLYVaG-ylIWReROfsjmvHgmViqz-4Fq0puLCy7-Ox74O1CiVU1TXEu3aviyApdQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17286
last-modified
Thu, 17 Sep 2020 07:28:15 GMT
server
UploadServer
etag
"13deaf5edcf5fd0d07f7171cfb3a3035"
x-goog-hash
crc32c=nSqgMQ==, md5=E96vXtz1/Q0H9xcc+zowNQ==
x-goog-generation
1600327695118269
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
17286
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:12 GMT
whatinput.js
threatintelligence.guardicore.com/domain/scripts/
2 KB
815 B
Script
General
Full URL
https://threatintelligence.guardicore.com/domain/scripts/whatinput.js?crc=86476730
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/scripts/require.js?crc=7928878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cd3bb09aa0c8cefc335a5fe066c1dc1165914f248f853eb08d2998a68d24bf7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdv0gFPXJmvrl1aA0RKISr5A8WhlQCDAgKZv_IW93VAH3Jepi6jtK6gbqsJqwjpy-MqbzAvwJzJByZ0xZsBczJUElg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
780
last-modified
Thu, 17 Sep 2020 07:28:40 GMT
server
UploadServer
etag
"0f1a6d331d940530945b9095da12893f"
x-goog-hash
crc32c=1FNRuA==, md5=DxptMx2UBTCUW5CV2hKJPw==
x-goog-generation
1600327720453698
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
780
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:12 GMT
jquery.musepolyfill.bgsize.js
threatintelligence.guardicore.com/domain/scripts/
5 KB
2 KB
Script
General
Full URL
https://threatintelligence.guardicore.com/domain/scripts/jquery.musepolyfill.bgsize.js?crc=178212883
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/scripts/require.js?crc=7928878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0a0f0acf7b0d82ba8cd2259a7ea2ceceb2d7c6d570f02ecff533e5ff98ef1cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvYceGGhEuQVqd0Tnu0NGuuvv23rOL_yTnoSFkLfIbYOhK6igN0nMWQIxFYrxbfRPihSSyiS54Q-XcaVsa4VCuawg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1976
last-modified
Thu, 17 Sep 2020 07:27:59 GMT
server
UploadServer
etag
"c02bf0e8c743eab572f0d8a4d82cee02"
x-goog-hash
crc32c=W8+xNw==, md5=wCvw6MdD6rVy8Nik2CzuAg==
x-goog-generation
1600327679519411
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
1976
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:12 GMT
jquery.watch.js
threatintelligence.guardicore.com/domain/scripts/
2 KB
1000 B
Script
General
Full URL
https://threatintelligence.guardicore.com/domain/scripts/jquery.watch.js?crc=399457859
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/scripts/require.js?crc=7928878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
58033e86ff9ba1849eef0c3b2b9f561a20d1096ec9ef4bf19010593637963bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdu5Bv87orJoTDhKMOqqB7v_h7of48Rl4PQ1IybaRcs3cGTWkNNtMt2KVCaAZgjvMsozwqGFHuaIoqMSbufrC0aBDERRqsSl
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
965
last-modified
Thu, 17 Sep 2020 07:28:05 GMT
server
UploadServer
etag
"9cd9c04fce68357d12c7648b3ba0fc0b"
x-goog-hash
crc32c=JjA5Eg==, md5=nNnAT85oNX0Sx2SLO6D8Cw==
x-goog-generation
1600327685726208
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
965
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:12 GMT
jquery.museresponsive.js
threatintelligence.guardicore.com/domain/scripts/
6 KB
2 KB
Script
General
Full URL
https://threatintelligence.guardicore.com/domain/scripts/jquery.museresponsive.js?crc=3939574382
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/scripts/require.js?crc=7928878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2ce70fbe2537a815642814b1a3f8028722cd688b295dfc2f150b49a4e1188135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdtitv89uf9sSmUa_1wKr-3xu6JXKbF3AVhQxXZWWyWc9EUXeoPiDC_gh7Vj84iDxV8pGL7qCD66xIYuXbM--tyx8z9ZnX7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2504
last-modified
Thu, 17 Sep 2020 07:28:02 GMT
server
UploadServer
etag
"5533a2b98bc75874421775bc7978a2c7"
x-goog-hash
crc32c=vN87Hg==, md5=VTOiuYvHWHRCF3W8eXiixw==
x-goog-generation
1600327682531727
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
2504
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 13:57:12 GMT
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame E7F7
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1548397.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-127.fra60.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer
https://threatintelligence.guardicore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
982257
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 04:06:15 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Wed, 01 Jun 2022 15:33:09 GMT
vary
Accept-Encoding
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-id
R_BS7mUROvUNLwUHpb5i0GyPSq_xoAPJjtNI1Dh41JtkyhEOsfJ2RQ==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-robots-tag
none
quota
q-aus1.clicktale.net/ Frame
0
0
Preflight
General
Full URL
https://q-aus1.clicktale.net/quota
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.80.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-80-119.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://threatintelligence.guardicore.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
date
Tue, 14 Jun 2022 12:57:12 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
timing-allow-origin
*
quota
q-aus1.clicktale.net/
29 B
243 B
Fetch
General
Full URL
https://q-aus1.clicktale.net/quota
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www14/ptc/e350bd80-906f-4349-a98a-f169d8f157c0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.80.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-80-119.compute-1.amazonaws.com
Software
/
Resource Hash
70c705d49e04d07b8353972235ca2f2f7f48c1ddbb671829a282558b991a8fa1

Request headers

Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 14 Jun 2022 12:57:12 GMT
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length
29
access-control-allow-methods
POST, OPTIONS
content-type
application/json
pageview
c.clicktale.net/
0
319 B
Image
General
Full URL
https://c.clicktale.net/pageview?pid=14256&uu=718a8227-7308-a8f1-9eb2-c30e5495d2f0&sn=1&lv=1655211432&lhd=1655211432&hd=1655211432&pn=1&dw=1600&dh=1200&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&uc=1&la=en-US&v=11.26.1&r=645907
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.187.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-187-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=29539393&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29539393%26t%3D1
0
1019 B
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29539393%26t%3D1
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Jun 2022 12:57:12 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4e5c40ad-28a1-4638-801e-d1b88afd0117
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Jun 2022 12:57:12 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8430f376-acf9-4f28-b5ae-c965489d2588
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29539393%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tc.min.js
c1.rfihub.net/js/
19 KB
6 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:56:59 GMT
content-encoding
gzip
last-modified
Tue, 14 Jun 2022 12:56:49 GMT
server
Jetty(9.3.29.v20201019)
age
13
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
content-length
6162
x-amz-cf-id
xfuWAbgGlkbVmVOOM5Z3y5wNKOrqCdinEHPHEvL6FqZo1OH1G5tTNw==
expires
Tue, 14 Jun 2022 13:56:59 GMT
adsct
t.co/i/
43 B
337 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=9866c9b1-627c-4f38-9a65-e775004dacab&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=f1fde5aa-e8fa-4250-abb6-036db8895d57&tw_document_href=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0jty&type=javascript&version=2.3.20
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time
110
date
Tue, 14 Jun 2022 12:57:11 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
24a7c9f01de2b9bb9a19817833f49d7407d8aa0ac413ec193fd76dc083da9160
content-length
43
adsct
analytics.twitter.com/i/
43 B
354 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9866c9b1-627c-4f38-9a65-e775004dacab&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=f1fde5aa-e8fa-4250-abb6-036db8895d57&tw_document_href=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0jty&type=javascript&version=2.3.20
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time
105
date
Tue, 14 Jun 2022 12:57:12 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
d8bc30f3518aab24c61b267bf3f67fb1500330067e6cbfc4e4b603921e59cda2
content-length
43
pageEvent
c.clicktale.net/
0
320 B
Image
General
Full URL
https://c.clicktale.net/pageEvent?value=MIewdgZglg5gXAAgEoFMA2KCGBnFB9AJgAYCBGUsgFiAAA%3D%3D&isETR=false&isCustomHashId=false&v=11.26.1&pid=14256&uu=718a8227-7308-a8f1-9eb2-c30e5495d2f0&sn=1&pn=1&r=026467
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.187.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-187-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53878132-1&cid=322816328.1655211432&jid=973163896&_u=YEDAAUABAAAAAC~&z=1510429785
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53878132-1&cid=322816328.1655211432&jid=973163896&_u=YEDAAUABAAAAAC~&z=1510429785
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53878132-1&cid=322816328.1655211432&jid=1322225896&_u=YEBAAUAAAAAAAC~&z=2124784673
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53878132-1&cid=322816328.1655211432&jid=1322225896&_u=YEBAAUAAAAAAAC~&z=2124784673
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvar
c.clicktale.net/
0
319 B
Image
General
Full URL
https://c.clicktale.net/dvar?v=11.26.1&pid=14256&uu=718a8227-7308-a8f1-9eb2-c30e5495d2f0&sn=1&pn=1&dv=N4IgxgzgsghgLmAFgSwHYHMDSBTAniALhAAYA6ADmIDYBWAdgCYGBGATnIboBZWeB9ZrRotmXAMzM63EAF8gAA%3D%3D&r=831376
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.187.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-187-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1548397/
148 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1548397/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b871a939666125f20d79.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.37.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-37-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3dca05421db1a4f3c0518f74af0e01b2e8092fc76f735e1fc65b85686f12008d

Request headers

Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1548397
vc.hotjar.io/sessions/
0
257 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/1548397?s=0.25&r=0.21659837913662283
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b871a939666125f20d79.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-13.fra50.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
vHgW0z04jrs4cr5ODElh1u8ZDAY9TOl8KMxlCQkd7Ezc-iVSPg3b9g==
ca.html
20838322p.rfihub.com/ Frame C090
3 KB
3 KB
Document
General
Full URL
https://20838322p.rfihub.com/ca.html?ver=9&rb=45812&ca=20838322&_o=45812&_t=20838322&pe=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&pf=&ra=6035587972015592
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
c53c8352724de9ec3260d823932cc141c3bd5b61d16a37a7ed3bec9856b775e8

Request headers

Referer
https://threatintelligence.guardicore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2649
Content-Type
text/html;charset=utf-8
Date
Tue, 14 Jun 2022 12:57:12 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
/
www.google.com/pagead/1p-user-list/814034752/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/814034752/?random=1655211431958&cv=9&fst=1655208000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=0&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&tiba=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&async=1&fmt=3&is_vtc=1&random=2088842368&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:811::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/814034752/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/814034752/?random=1655211431958&cv=9&fst=1655208000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=0&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&tiba=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&async=1&fmt=3&is_vtc=1&random=2088842368&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/849939417/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/849939417/?random=1655211431960&cv=9&fst=1655208000000&num=1&label=pT43CNz7jXIQ2ZeklQM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=0&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&tiba=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&async=1&fmt=3&is_vtc=1&random=2838090900&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:811::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/849939417/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/849939417/?random=1655211431960&cv=9&fst=1655208000000&num=1&label=pT43CNz7jXIQ2ZeklQM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=0&url=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&tiba=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&async=1&fmt=3&is_vtc=1&random=2838090900&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
content
ws35.hotjar.com/api/v2/sites/1548397/recordings/
66 B
259 B
XHR
General
Full URL
https://ws35.hotjar.com/api/v2/sites/1548397/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b871a939666125f20d79.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.11.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-11-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
88167dbf947b1022d43e27a3b6dcd6eb62f54faeebd0bd0273cf81039edc8a35

Request headers

Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
cm
a.rfihub.com/ Frame C090
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQyMTQwMTI3Mzg2Ng==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN5IDa5RKx_d0ip_vJuzZDA&google_cver=1
42 B
1008 B
Image
General
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN5IDa5RKx_d0ip_vJuzZDA&google_cver=1
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:12 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN5IDa5RKx_d0ip_vJuzZDA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C090
43 B
1008 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=18&code=5134455421401273866
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Jun 2022 12:57:12 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bd602178-30b8-4260-8384-676b0f209818
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C090
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5134455421401273866&
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
demconf.jpg
dpm.demdex.net/ Frame C090
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455421401273866&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455421401273866&redir=
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455421401273866&redir=
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Server
52.215.108.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-108-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-09b350448.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9zs8huEPRZI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v034-07176562c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4wr04jmoT8g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455421401273866&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ps.eyeota.net/ Frame C090
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5134455421401273866&bid=omt9pi0
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=5134455421401273866&bid=omt9pi0
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:12 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5134455421401273866&bid=omt9pi0
Date
Tue, 14 Jun 2022 12:57:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame C090
45 B
616 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5134455421401273866
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 14 Jun 2022 12:57:12 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Jun 2022 12:57:12 GMT
serving
bs.serving-sys.com/ Frame C090
0
105 B
Image
General
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.38.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-154.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
501709.gif
idsync.rlcdn.com/ Frame C090
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455421401273866&referrer=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=58ef27b3-02f1-464f-9119-a18827efcc12%3A1655211431.92&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D58ef27b3-02f1-464f-9119-a18827efcc12...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=58ef27b3-02f1-464f-9119-a18827efcc12%3A1655211431.92
0
9 B
Image
General
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=58ef27b3-02f1-464f-9119-a18827efcc12%3A1655211431.92
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=58ef27b3-02f1-464f-9119-a18827efcc12%3A1655211431.92
Date
Tue, 14 Jun 2022 12:57:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
bpi.rtactivate.com/tag/ Frame C090
43 B
109 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5134455421401273866
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.53.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-53-250.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame C090
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455421401273866&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455421401273866&forward=&C=1
43 B
783 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455421401273866&forward=&C=1
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Jun 2022 12:57:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 14 Jun 2022 12:57:12 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Jun 2022 12:57:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=57&external_user_id=5134455421401273866&forward=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Tue, 14 Jun 2022 12:57:12 GMT
360947.gif
idsync.rlcdn.com/ Frame C090
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5134455421401273866
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame C090
43 B
191 B
Image
General
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5134455421401273866
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-192-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 14 Jun 2022 12:57:12 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame C090
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455421401273866&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455421401273866&img=1&__user_check__=1&sync_id=821c702e-ebe1-11ec-a910-17f3d7a10306
43 B
549 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455421401273866&img=1&__user_check__=1&sync_id=821c702e-ebe1-11ec-a910-17f3d7a10306
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:12 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
141
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 14 Jun 2022 12:57:12 GMT
Server
nginx
Location
/partner?adv_id=7180&uid=5134455421401273866&img=1&__user_check__=1&sync_id=821c702e-ebe1-11ec-a910-17f3d7a10306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
126
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame C090
43 B
183 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIRF=5134455421401273866&r=CHFi5OtGAdQ4
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6e00:7b23:6545:3513 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame C090
43 B
377 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5134455421401273866
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.126.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-126-13.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame C090
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5134455421401273866
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.239.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-239-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1655211432
x-served-by
beacon-n018-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame C090
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455421401273866&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455421401273866&expires=30
43 B
495 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455421401273866&expires=30
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Server
52.29.193.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-193-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455421401273866&expires=30
Date
Tue, 14 Jun 2022 12:57:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cm
p.rfihub.com/ Frame C090
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YqiFqAAIx1oZVwAj
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YqiFqAAIx1oZVwAj&_test=YqiFqAAIx1oZVwAj
42 B
1 KB
Image
General
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=YqiFqAAIx1oZVwAj&_test=YqiFqAAIx1oZVwAj
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20838322p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:12 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1655211433.549486,VS0,VE0
x-served-by
cache-hhn4041-HHN
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=YqiFqAAIx1oZVwAj&_test=YqiFqAAIx1oZVwAj
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
25022092
www.clarity.ms/tag/uet/
2 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/25022092
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/25022092.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3995fd72f14254a75e709dd7f4ca7db75fb084ed28c825aa9770767d5edda49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
x-powered-by
ASP.NET
x-azure-ref
0qIWoYgAAAABFjkHHkT6ZS4ElYjr/Q7IzV0FXMDFFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=260002655494040&ev=Microdata&dl=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&rl=&if=false&ts=1655211432449&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore%22%2C%22meta%3Adescription%22%3A%22The%20Guardicore%20Threat%20Intelligence%20website%20supplies%20unique%20information%20on%20the%20domain%20as13285.net.%20The%20data%20contains%20information%20derived%20from%20Guardicore%20Centra.%22%2C%22meta%3Akeywords%22%3A%22Threat%20feed%2C%20cyber%20intelligence%2C%20vulnerabilities%2C%20network%20scanner%2C%20malicious%20domains%2C%20%2C%20as13285.net%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Guardicore%20Cyber%20Threat%20Intelligence%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fthreatintelligence.guardicore.com%2Fimages%2Fog-meta.png%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aupdated_time%22%3A%222022-04-20%2011%3A12%3A02.166208%22%2C%22og%3Atitle%22%3A%22Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore%20%7C%20as13285.net%22%2C%22og%3Adescription%22%3A%22The%20Guardicore%20Threat%20Intelligence%20website%20supplies%20unique%20information%20on%20the%20domain%20as13285.net.%20The%20data%20contains%20information%20derived%20from%20Guardicore%20Centra.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1655211431940.466231677&it=1655211431811&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/domain/as13285.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 14 Jun 2022 12:57:12 GMT
recording
k-aus1.clicktale.net/v2/
0
0
Fetch
General
Full URL
https://k-aus1.clicktale.net/v2/recording?rt=5&v=11.26.1&pid=14256&uu=718a8227-7308-a8f1-9eb2-c30e5495d2f0&sn=1&pn=1&ri=1
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www14/ptc/e350bd80-906f-4349-a98a-f169d8f157c0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.122.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-122-116.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Jun 2022 12:57:12 GMT
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
clarity.js
www.clarity.ms/eus2/s/0.6.35/
53 KB
23 KB
Script
General
Full URL
https://www.clarity.ms/eus2/s/0.6.35/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/25022092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
content-encoding
br
etag
"1d87e8642decd65"
last-modified
Sun, 12 Jun 2022 18:00:12 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0qIWoYgAAAADvvJS8ZOlYQJRAuj2NpvziV0FXMDFFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
dashboard-image-buttonu83504-fr.jpg
threatintelligence.guardicore.com/images/
11 KB
12 KB
Image
General
Full URL
https://threatintelligence.guardicore.com/images/dashboard-image-buttonu83504-fr.jpg?crc=3912792423
Requested by
Host: threatintelligence.guardicore.com
URL: https://threatintelligence.guardicore.com/css/outer_template.css?crc=3795006131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ee4daae09e1e59ea93066900ef83064b6f5d38e452097c85670a83bf03287ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/css/outer_template.css?crc=3795006131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
age
0
x-guploader-uploadid
ADPycdtvJyL-CrvmL3t_B3kI5I0160KqPVZqOxdYTfZibgKoogaVHJjqdnKz6y2aH86t-3g_8VYEjxwECQrRKoc8jLfuBwrIMC0m
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11756
last-modified
Thu, 17 Sep 2020 07:26:15 GMT
server
UploadServer
etag
"ee86b7c86ebd8a90e00677c3d8308bd1"
x-goog-hash
crc32c=VJOnsA==, md5=7oa3yG69ipDgBnfD2DCL0Q==
x-goog-generation
1600327575158807
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
11756
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 14 Jun 2022 13:57:12 GMT
baseline-search-24px.svg
threatintelligence.guardicore.com/images/
696 B
737 B
Image
General
Full URL
https://threatintelligence.guardicore.com/images/baseline-search-24px.svg?crc=4047723681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f9bb56b6211100609672da98b243c0eccb62c86d3866ed02d1978b45f3f48e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
age
0
x-guploader-uploadid
ADPycdtVUXOLUst61ZYMCGc38spoD984X_oDv0a3dHBB-URRSB7rlGPJGpy1SmfzhMVl-KwFk4g5K2jNph0nJVvmLSdqWgECINyw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
696
last-modified
Thu, 17 Sep 2020 07:25:40 GMT
server
UploadServer
etag
"5f05403da569bc26a61ce8c6cdbb1500"
x-goog-hash
crc32c=0aFAUA==, md5=XwVAPaVpvCamHOjGzbsVAA==
x-goog-generation
1600327540146797
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
696
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 14 Jun 2022 13:57:12 GMT
close-16px.svg
threatintelligence.guardicore.com/images/
499 B
533 B
Image
General
Full URL
https://threatintelligence.guardicore.com/images/close-16px.svg?crc=3954537770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a00d0920b748c1cfd063b1066783e942d8ad0e39b6ac869c5a0756718bd053da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
age
0
x-guploader-uploadid
ADPycdse1f1jAeZI4DHwCKIZoIeNWbOWjww2TH9UBBidPvFMuS4ZvSb4Lv5UzhMWzzzfx64RK5KhZ3Ff-Zl1tm-6iS2_iQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
499
last-modified
Thu, 17 Sep 2020 07:25:43 GMT
server
UploadServer
etag
"8300b083e3636dd6b9229f1ff2f7a4e4"
x-goog-hash
crc32c=Mxn8Gg==, md5=gwCwg+Njbda5Ip8f8vek5A==
x-goog-generation
1600327543675391
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
499
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 14 Jun 2022 13:57:12 GMT
logo-web.svg
threatintelligence.guardicore.com/images/
5 KB
5 KB
Image
General
Full URL
https://threatintelligence.guardicore.com/images/logo-web.svg?crc=429939348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e02438a90544fd70aed07941fca455d4a679d0c2dbd7a037a80e4e253c988cc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
age
0
x-guploader-uploadid
ADPycdsbnsQLNt-SDXS184VEu9uzTyYMoUeKjcoNy4ZO0NhmLkL5j3TFS_R0j2iaTLhjH76x8pXcgHzSJx8Zdb-qm0Zf2gQHZmIZ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4644
last-modified
Thu, 17 Sep 2020 07:27:15 GMT
server
UploadServer
etag
"2835c3321a0d55ac320199705fd768d1"
x-goog-hash
crc32c=aODKzA==, md5=KDXDMhoNVawyAZlwX9do0Q==
x-goog-generation
1600327635318779
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
4644
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 14 Jun 2022 13:57:12 GMT
baseline-error-24px.svg
threatintelligence.guardicore.com/images/
234 B
275 B
Image
General
Full URL
https://threatintelligence.guardicore.com/images/baseline-error-24px.svg?crc=459588340
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6110d07b4bd66af8045b43edbf08b656b75186d5accb8b6d956e09dc37a26db5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
age
0
x-guploader-uploadid
ADPycdsbWtUS4isEl1qdEEDU4v0q_Fa82WzfydtGRX-eef9HhiXNlYf9OvsEU4HynZL0ucOkfgACabFs0bzwE8rIjL8fjEBRD4AR
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
last-modified
Thu, 17 Sep 2020 07:36:51 GMT
server
UploadServer
etag
"d06318cfa6d6a6907bc203163b483238"
x-goog-hash
crc32c=Ap0jLA==, md5=0GMYz6bWppB7wgMWO0gyOA==
x-goog-generation
1600328211168012
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
234
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 14 Jun 2022 13:57:12 GMT
linkdin.svg
threatintelligence.guardicore.com/images/
655 B
692 B
Image
General
Full URL
https://threatintelligence.guardicore.com/images/linkdin.svg?crc=267594148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a2d792639c1f8da6cae1da882f131c1a42850c41b19f566264827dc036278496

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
age
0
x-guploader-uploadid
ADPycdukF8BSff-kCCBYR4slXBkDSO_-T6pcobI0-CtZZZSCx-yOjKpCoJyGlopX863sHOxLtIfdVsBH9hB7oioAl8cUzxmijGcS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
655
last-modified
Thu, 17 Sep 2020 07:27:10 GMT
server
UploadServer
etag
"4472a19a7e4802db55a7ffe101cb671e"
x-goog-hash
crc32c=xy4JMg==, md5=RHKhmn5IAttVp//hActnHg==
x-goog-generation
1600327630238440
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
655
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 14 Jun 2022 13:57:12 GMT
twitter.svg
threatintelligence.guardicore.com/images/
729 B
764 B
Image
General
Full URL
https://threatintelligence.guardicore.com/images/twitter.svg?crc=4154116219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
92aee4c43b2cb6424290ce3ed78ec7bbd9826a1e487e68c1c0df0ea3d80bbd40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
age
0
x-guploader-uploadid
ADPycdujl0cXbuLXreBM2Mh1snb3BQ2Ku9rK312sPXlA_JqlOb1geDgIGUkOW-Pf0xXXm7cNmQ1r8FojB_gG9MRYHYUwOlU_UJAo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
729
last-modified
Thu, 17 Sep 2020 07:27:40 GMT
server
UploadServer
etag
"286811cb7d2894eef848a4fc7b69278c"
x-goog-hash
crc32c=Qs/JKA==, md5=KGgRy30olO74SKT8e2knjA==
x-goog-generation
1600327660010842
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
729
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 14 Jun 2022 13:57:12 GMT
facebook-f.svg
threatintelligence.guardicore.com/images/
420 B
466 B
Image
General
Full URL
https://threatintelligence.guardicore.com/images/facebook-f.svg?crc=162156378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.107.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.107.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bae4c81e1ee4d3b2dd764a7d3772d8201e4f22997b8dbd95621d6376549964eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/domain/as13285.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:57:12 GMT
age
0
x-guploader-uploadid
ADPycdsJlKIy3YkKQylPqhFQyWSSME599_YlinCThiamtfUte138JM4ReJQTCo0FGARqrZUbpTQIfzgCdGPcSyiLxBnOGP9QM-8L
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
420
last-modified
Thu, 17 Sep 2020 07:26:53 GMT
server
UploadServer
etag
"4c9b553f8a46463d40fbeac7fa866deb"
x-goog-hash
crc32c=p/kiKA==, md5=TJtVP4pGRj1A++rH+oZt6w==
x-goog-generation
1600327613500782
cache-control
no-transform,max-age=3600,public
x-goog-stored-content-length
420
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 14 Jun 2022 13:57:12 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=186529CFE6CF4031B55665299E21DD60&RedC=c.clarity.ms&MXFR=3B4DA4CC30B969751F2DB50F34B9675C
  • https://c.clarity.ms/c.gif?CtsSyncId=186529CFE6CF4031B55665299E21DD60&MUID=120347BC6D416A531994567F6C2A6B35
42 B
368 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=186529CFE6CF4031B55665299E21DD60&MUID=120347BC6D416A531994567F6C2A6B35
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
last-modified
Fri, 20 May 2022 21:53:17 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"17a28a3946cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 14 Jun 2022 12:57:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 86161C6B8D29421C8102BABBAD9D0BAB Ref B: FRAEDGE1416 Ref C: 2022-06-14T12:57:12Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=186529CFE6CF4031B55665299E21DD60&MUID=120347BC6D416A531994567F6C2A6B35
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
recording
k-aus1.clicktale.net/v2/
0
0
Fetch
General
Full URL
https://k-aus1.clicktale.net/v2/recording?rt=5&v=11.26.1&pid=14256&uu=718a8227-7308-a8f1-9eb2-c30e5495d2f0&sn=1&pn=1&ri=2
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www14/ptc/e350bd80-906f-4349-a98a-f169d8f157c0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.122.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-122-116.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Jun 2022 12:57:12 GMT
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=408226138&t=event&ni=1&_s=1&dl=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&ul=en-us&de=UTF-8&dt=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=25%25&_u=aEHAAUABAAAAAC~&jid=&gjid=&cid=322816328.1655211432&tid=UA-53878132-1&_gid=644992957.1655211432&gtm=2wg6d0WDRGX6B&z=1967956065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 01:49:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40067
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=408226138&t=event&ni=1&_s=1&dl=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&ul=en-us&de=UTF-8&dt=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=50%25&_u=aEHAAUABAAAAAC~&jid=&gjid=&cid=322816328.1655211432&tid=UA-53878132-1&_gid=644992957.1655211432&gtm=2wg6d0WDRGX6B&z=766049334
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 01:49:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40067
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=408226138&t=event&ni=1&_s=1&dl=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&ul=en-us&de=UTF-8&dt=Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=75%25&_u=aEHAAUABAAAAAC~&jid=&gjid=&cid=322816328.1655211432&tid=UA-53878132-1&_gid=644992957.1655211432&gtm=2wg6d0WDRGX6B&z=1050712542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 01:49:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40067
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
b.clarity.ms/
0
187 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.35/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://threatintelligence.guardicore.com
date
Tue, 14 Jun 2022 12:57:12 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=cbd5ce17f3650000a785a86237030000304e3f00&session=7b0ebf2a-4c10-495f-8836-73f21de712a6&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A11%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Guardicore%20Threat%20Intelligence%20website%20supplies%20unique%20information%20on%20the%20domain%20as13285.net.%20The%20data%20contains%20information%20derived%20from%20Guardicore%20Centra.%22%2C%22keywords%22%3A%22Threat%20feed%2C%20cyber%20intelligence%2C%20vulnerabilities%2C%20network%20scanner%2C%20malicious%20domains%2C%20%2C%20as13285.net%22%2C%22title%22%3A%22Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&pageViewId=8a485809-f40f-4185-8593-89410dac6767&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:13 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf10-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
collect
b.clarity.ms/
0
25 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.35/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://threatintelligence.guardicore.com
date
Tue, 14 Jun 2022 12:57:12 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=cbd5ce17f3650000a785a86237030000304e3f00&session=7b0ebf2a-4c10-495f-8836-73f21de712a6&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A12%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222002%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Guardicore%20Threat%20Intelligence%20website%20supplies%20unique%20information%20on%20the%20domain%20as13285.net.%20The%20data%20contains%20information%20derived%20from%20Guardicore%20Centra.%22%2C%22keywords%22%3A%22Threat%20feed%2C%20cyber%20intelligence%2C%20vulnerabilities%2C%20network%20scanner%2C%20malicious%20domains%2C%20%2C%20as13285.net%22%2C%22title%22%3A%22Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&pageViewId=8a485809-f40f-4185-8593-89410dac6767&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:14 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf10-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=cbd5ce17f3650000a785a86237030000304e3f00&session=7b0ebf2a-4c10-495f-8836-73f21de712a6&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A13%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Guardicore%20Threat%20Intelligence%20website%20supplies%20unique%20information%20on%20the%20domain%20as13285.net.%20The%20data%20contains%20information%20derived%20from%20Guardicore%20Centra.%22%2C%22keywords%22%3A%22Threat%20feed%2C%20cyber%20intelligence%2C%20vulnerabilities%2C%20network%20scanner%2C%20malicious%20domains%2C%20%2C%20as13285.net%22%2C%22title%22%3A%22Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&pageViewId=8a485809-f40f-4185-8593-89410dac6767&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:15 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=cbd5ce17f3650000a785a86237030000304e3f00&session=7b0ebf2a-4c10-495f-8836-73f21de712a6&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A14%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224008%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Guardicore%20Threat%20Intelligence%20website%20supplies%20unique%20information%20on%20the%20domain%20as13285.net.%20The%20data%20contains%20information%20derived%20from%20Guardicore%20Centra.%22%2C%22keywords%22%3A%22Threat%20feed%2C%20cyber%20intelligence%2C%20vulnerabilities%2C%20network%20scanner%2C%20malicious%20domains%2C%20%2C%20as13285.net%22%2C%22title%22%3A%22Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&pageViewId=8a485809-f40f-4185-8593-89410dac6767&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligence.guardicore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 12:57:16 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
collect
b.clarity.ms/
0
48 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.35/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://threatintelligence.guardicore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://threatintelligence.guardicore.com
date
Tue, 14 Jun 2022 12:57:15 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
img.gif
b.6sc.co/v1/beacon/
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=cbd5ce17f3650000a785a86237030000304e3f00&session=7b0ebf2a-4c10-495f-8836-73f21de712a6&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Jun%202022%2012%3A57%3A15%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%225011%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Guardicore%20Threat%20Intelligence%20website%20supplies%20unique%20information%20on%20the%20domain%20as13285.net.%20The%20data%20contains%20information%20derived%20from%20Guardicore%20Centra.%22%2C%22keywords%22%3A%22Threat%20feed%2C%20cyber%20intelligence%2C%20vulnerabilities%2C%20network%20scanner%2C%20malicious%20domains%2C%20%2C%20as13285.net%22%2C%22title%22%3A%22Discover%20Malicious%20Domains%20-%20Cyber%20Threat%20Intelligence%20%7C%20Guardicore%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fthreatintelligence.guardicore.com%2Fdomain%2Fas13285.net&pageViewId=8a485809-f40f-4185-8593-89410dac6767&an_uid=0


174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


66 Cookies


2 Console Messages

Source: network
Level: error
URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5134455421401273866
Message: Failed to load resource: the server responded with a status of 451 ()

Source: network
Level: error
URL: https://idsync.rlcdn.com/501709.gif?partner_uid=58ef27b3-02f1-464f-9119-a18827efcc12%3A1655211431.92
Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
