www.guardicore.com Open in urlscan Pro
35.235.124.140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/oHdkaebuMi
Effective URL:
https://www.guardicore.com/labs/smb-worm-indexsinas/
Submission: On July 05 via api (July 5th 2021, 1:06:34 pm UTC) from US

Summary HTTP 250 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 29 domains to perform 250 HTTP transactions. The main IP is 35.235.124.140, located in Los Angeles, United States and belongs to GOOGLE, US. The main domain is www.guardicore.com.
TLS certificate: Issued by Gandi Standard SSL CA 2 on May 3rd 2020. Valid for: 2 years.

This is the only time www.guardicore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 1	67.199.248.12 67.199.248.12	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
96	35.235.124.140 35.235.124.140	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
53	2606:4700:e0:... 2606:4700:e0::ac40:6527	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
6	35.174.78.146 35.174.78.146	14618 (AMAZON-AES) (AMAZON-AES)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
20	13.224.221.128 13.224.221.128	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	13.225.87.76 13.225.87.76	16509 (AMAZON-02) (AMAZON-02)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
3 3	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	13.224.193.121 13.224.193.121	16509 (AMAZON-02) (AMAZON-02)
2	13.224.193.12 13.224.193.12	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e14e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.197.34.29 34.197.34.29	14618 (AMAZON-AES) (AMAZON-AES)
3	143.204.98.74 143.204.98.74	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::622 2a04:4e42:3::622	54113 (FASTLY) (FASTLY)
250	33

3 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.12 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: cname.bitly.com

buff.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

96 35.235.124.140 (Los Angeles, United States)

ASN15169 (GOOGLE, US)
PTR: 140.124.235.35.bc.googleusercontent.com

www.guardicore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2606:4700:e0::ac40:6527 (United States)

ASN13335 (CLOUDFLARENET, US)

gate.rapidsec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.174.78.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com

go.guardicore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.224.221.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-221-128.lhr61.r.cloudfront.net

whimsical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-76.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:119:50e3:101::6cae:b45 (San Jose, United States) 3 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-121.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e14e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.34.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-34-29.compute-1.amazonaws.com

track.gaconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-74.fra50.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	guardicore.com www.guardicore.com go.guardicore.com	2 MB
53	rapidsec.net gate.rapidsec.net	25 KB
20	whimsical.com whimsical.com	2 MB
13	6sc.co j.6sc.co c.6sc.co b.6sc.co	17 KB
6	linkedin.com 4 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
6	bing.com bat.bing.com	19 KB
6	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	124 KB
4	facebook.com www.facebook.com	338 B
4	google.de www.google.de	298 B
4	google.com www.google.com	298 B
4	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
4	facebook.net connect.facebook.net	196 KB
3	helpscout.net beacon-v2.helpscout.net	264 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	googletagmanager.com www.googletagmanager.com	157 KB
3	t.co t.co	1017 B
2	twitter.com analytics.twitter.com	816 B
2	pardot.com pi.pardot.com	5 KB
2	ads-twitter.com static.ads-twitter.com	4 KB
2	googleadservices.com www.googleadservices.com	28 KB
2	licdn.com snap.licdn.com	5 KB
2	gravatar.com secure.gravatar.com	3 KB
1	wistia.com fast.wistia.com	104 KB
1	gaconnector.com track.gaconnector.com	3 KB
1	fonts.net fast.fonts.net	408 B
1	cloudflare.com cdnjs.cloudflare.com	19 KB
1	w.org s.w.org	987 B
1	googleapis.com fonts.googleapis.com	984 B
1	buff.ly 1 redirects buff.ly	248 B
250	29

	Domain	Requested by
96	www.guardicore.com	t.co www.guardicore.com
53	gate.rapidsec.net	www.guardicore.com www.googletagmanager.com t.co www.google-analytics.com connect.facebook.net bat.bing.com www.googleadservices.com static.hotjar.com j.6sc.co static.ads-twitter.com
20	whimsical.com	www.guardicore.com whimsical.com cdnjs.cloudflare.com
11	b.6sc.co	www.guardicore.com
6	bat.bing.com	www.googletagmanager.com bat.bing.com www.guardicore.com
4	www.facebook.com	www.guardicore.com connect.facebook.net
4	www.google.de	www.guardicore.com
4	www.google.com	www.guardicore.com
4	connect.facebook.net	t.co connect.facebook.net
4	go.guardicore.com	www.guardicore.com go.guardicore.com pi.pardot.com
3	beacon-v2.helpscout.net	whimsical.com beacon-v2.helpscout.net
3	px.ads.linkedin.com	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.guardicore.com
3	www.googletagmanager.com	www.guardicore.com go.guardicore.com
3	t.co	www.guardicore.com
2	analytics.twitter.com	static.ads-twitter.com
2	pi.pardot.com	go.guardicore.com pi.pardot.com
2	vars.hotjar.com	static.hotjar.com
2	script.hotjar.com	static.hotjar.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px4.ads.linkedin.com	www.guardicore.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	static.ads-twitter.com	www.googletagmanager.com
2	static.hotjar.com	www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com
2	secure.gravatar.com	www.guardicore.com
1	fast.wistia.com	pi.pardot.com
1	c.6sc.co	j.6sc.co
1	track.gaconnector.com	go.guardicore.com
1	fast.fonts.net	t.co
1	cdnjs.cloudflare.com	whimsical.com
1	www.linkedin.com	1 redirects
1	s.w.org	www.guardicore.com
1	j.6sc.co	www.guardicore.com
1	fonts.googleapis.com	www.guardicore.com
1	buff.ly	1 redirects
250	37

This site contains links to these domains. Also see Links.

Domain
es.guardicore.com
pt.guardicore.com
de.guardicore.com
guardicore.allbound.com
threatintelligence.guardicore.com
en.wikipedia.org
github.com
www.binarydefense.com
www.privacyanddatasecurityinsight.com
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com
customers.guardicore.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.guardicore.com Gandi Standard SSL CA 2	`2020-05-03` - `2022-05-09`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
go.guardicore.com R3	`2021-06-26` - `2021-09-24`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
whimsical.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.gaconnector.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-06` - `2021-08-05`	2 years	crt.sh
*.helpscout.net Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2020-12-05` - `2021-12-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.guardicore.com/labs/smb-worm-indexsinas/
Frame ID: 5C341480BA4AA4AF8E9CDD026B0C3525
Requests: 196 HTTP requests in this frame

Frame: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Frame ID: B745D5DAA3441AED227E1E40D7ED6ACB
Requests: 27 HTTP requests in this frame

Frame: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Frame ID: DF401E069B36FB8D00A494F5F2BC3F7A
Requests: 25 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: EB829D0274C296263128DF4D1549E42E
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: AE7FFCEA85AC5CCBA7E3666A3AFFC34D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/oHdkaebuMi Page URL
https://buff.ly/3xdLtFr HTTP 301
https://www.guardicore.com/labs/smb-worm-indexsinas/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

250
Requests

100 %
HTTPS

56 %
IPv6

29
Domains

37
Subdomains

33
IPs

4
Countries

4920 kB
Transfer

15607 kB
Size

16
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://es.guardicore.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://pt.guardicore.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://de.guardicore.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://guardicore.allbound.com/
Title: Partner Login

Search URL Search Domain Scan URL

URL: https://threatintelligence.guardicore.com/
Title: Cyber Threat Intelligence

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/EternalBlue
Title: EternalBlue

Search URL Search Domain Scan URL

URL: https://github.com/guardicore/labs_campaigns/tree/master/Indexsinas
Title: repository

Search URL Search Domain Scan URL

URL: https://www.binarydefense.com/gh0stcringeformerly-cirenegrat/
Title: Gh0stCringe

Search URL Search Domain Scan URL

URL: https://github.com/kingron/s
Title: s

Search URL Search Domain Scan URL

URL: https://www.privacyanddatasecurityinsight.com/files/2021/06/Memo-What-We-Urge-You-To-Do-To-Protect-Against-The-Threat-of-Ransomware.pdf
Title: open letter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/guardicore
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/guardicore
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/guardicore/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCxu1wG7IO4tfW9HFqV08YOw/featured
Title: Youtube

Search URL Search Domain Scan URL

URL: https://customers.guardicore.com/
Title: CUSTOMER PORTAL

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/oHdkaebuMi Page URL
https://buff.ly/3xdLtFr HTTP 301
https://www.guardicore.com/labs/smb-worm-indexsinas/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490375786&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D265698%26time%3D1625490375786%26url%3Dhttps%253A%252F%252Fwww.guardicore.com%252Flabs%252Fsmb-worm-indexsinas%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490375786&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490375786&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true&e_ipv6=AQLnAyxoUo3w5gAAAXp2xsfkhR7_qDFWLtco5ek1ZiO0G6zn-tP6zIcJ4LRPkPV0HTuFrp1M

Request Chain 205

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490376718&url=https%3A%2F%2Fwww.guardicore.com%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490376718&url=https%3A%2F%2Fwww.guardicore.com%2F&e_ipv6=AQLVqDF-UxcsGQAAAXp2xshh-XrKvGHzYqaZmpwDj37OZzF2oxtHtmz1jJJgaBdCFed53flA

250 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 oHdkaebuMi Show response
t.co/ 224 B
492 B 191ms
134ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/oHdkaebuMi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

8ceba365f48b90d9f44b80d2323be5ed8cb3d6bc9a8601c2b555523aa84f8878

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /oHdkaebuMi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:13 GMT
vary: Origin
server: tsa_o
expires: Mon, 05 Jul 2021 13:11:13 GMT
set-cookie: muc=6072faf3-246d-4904-a848-1990a59e081b; Max-Age=63072000; Expires=Wed, 05 Jul 2023 13:06:13 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 175
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-connection-hash: 31232488651f987e6f886d8737f45fb1f9adf0cd81e81982cfd3d6bdc3587bc8

GET
H2

200

Primary Request / Show response
www.guardicore.com/labs/smb-worm-indexsinas/
Redirect Chain

https://buff.ly/3xdLtFr
https://www.guardicore.com/labs/smb-worm-indexsinas/

174 KB
31 KB

857ms
308ms

Document
text/html

35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guardicore.com/labs/smb-worm-indexsinas/

Requested by

Host: t.co
URL: https://t.co/oHdkaebuMi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

140.124.235.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0f5e95fc50f76666b87f3662e462236b80049d5e111bb083c409791e5d65101e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.guardicore.com
:scheme: https
:path: /labs/smb-worm-indexsinas/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/oHdkaebuMi

Response headers

server: nginx
date: Mon, 05 Jul 2021 13:06:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.guardicore.com/wp-json/>; rel="https://api.w.org/" <https://www.guardicore.com/wp-json/wp/v2/labs/62704>; rel="alternate"; type="application/json" <https://www.guardicore.com/?p=62704>; rel=shortlink
strict-transport-security: max-age=31536000; includeSubDomains; preload
permissions-policy: geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: frame-ancestors 'none'; default-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline'; style-src 'self' 'report-sample' 'unsafe-inline'; object-src 'none'; frame-src infectionmonkey.optimizeme.online; child-src 'none'; img-src 'self'; font-src 'self' *.gstatic.com; connect-src *.guardicore.com *.optimizeme.online; manifest-src 'none'; base-uri 'self'; form-action 'none'; media-src 'none'; prefetch-src 'none'; worker-src 'none'; report-uri https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report
x-kinsta-cache: HIT
content-encoding: gzip
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfe1f665ca7cc2808209eb0c235d5aa69c

Redirect headers

cache-control: private, max-age=90
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Mon, 05 Jul 2021 13:06:13 GMT
location: https://www.guardicore.com/labs/smb-worm-indexsinas/
referrer-policy: unsafe-url
server: nginx
set-cookie: _bit=l65d6d-fd4c50a1e384657244-00A; Domain=buff.ly; Expires=Sat, 01 Jan 2022 13:06:13 GMT
content-length: 139

GET
H2 200 Graphik-Regular.woff2
www.guardicore.com/wp-content/uploads/ 38 KB
38 KB 346ms
336ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/Graphik-Regular.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: eb43b657e2bb320b9ef4581e4c7167c3f93a1a19b00fea14f4395deff2d82fa7

Request headers

:path: /wp-content/uploads/Graphik-Regular.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
last-modified: Sun, 21 Mar 2021 22:58:07 GMT
server: nginx
etag: "6057cf7f-97a8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 38824
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf44e107cbd981858beb474bfcfc6c5f2c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 select2.min.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/ 15 KB
2 KB 171ms
163ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/select2.min.css?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2a282dd6dac10a3fbf469b4e67f489608777854e6d157bf11233dfbaa16851e

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/select2.min.css?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-3a77"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfefdf352f8fb045af944449acce3a41fe
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iconfonts.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/css/ 41 KB
8 KB 174ms
165ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/css/iconfonts.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 72331d11d428c3ee2a07f27f50de5d46ee2dfed73a188788110271edce7972ff

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/css/iconfonts.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:46 GMT
server: nginx
etag: W/"60da0b42-a250"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf09a604472871753feab2a6725bfb9665
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/css/ 371 KB
60 KB 179ms
171ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/css/frontend.min.css?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88453621e7720bf12afcf1abb01eec2dfd56cc8de16ed8b85937e90a1b1fc9b2

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/css/frontend.min.css?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:46 GMT
server: nginx
etag: W/"60da0b42-5ca83"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf6867b6408fd4b2e325c837392a4e8dca
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltip.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/ 6 KB
1 KB 329ms
321ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltip.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltip.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-195f"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf21ca7e319759337dbcfe323ae8b41522
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltipster-sideTip-shadow.min.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/ 2 KB
636 B 175ms
166ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltipster-sideTip-shadow.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 970fb3515835fc779193ba0f88531ff29972b3c9cd76aba2fb1222fb97beeab6

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltipster-sideTip-shadow.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-694"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf96f2d1a884599b317e8cdc255b01f545
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featherlight.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/ 4 KB
2 KB 175ms
167ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/featherlight.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3bb51227d2ff534e4834ff3137f722a77dc2a8a9c6f1fda503116c0d7f9f7b47

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/featherlight.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-fce"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfad97e0d977ac339a5bf655dc8f958bad
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
984 B 23ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CRoboto%3A100%2C300%2C400%2C700&ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b52123640de6d13a94ebf0b28b2621535de362b536e775e84ac17362153293d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:05:42 GMT
server: ESF
date: Mon, 05 Jul 2021 13:06:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jul 2021 13:06:14 GMT

GET
H2 200 lity.min.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/ 3 KB
1 KB 175ms
167ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/lity.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 19fb1c3c4a52d399f2b32a80c3fa35d97dde81f33e20bb7da6d95d4087c49ed6

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/lity.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-d8d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf42d3c66895059fdbec32504847883664
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.guardicore.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 178ms
171ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/css/dist/block-library/style.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:17:18 GMT
server: nginx
etag: W/"6078d78e-e33b"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf8d26756683d34e4d64b41259f383153b
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
www.guardicore.com/wp-content/plugins/jet-engine/assets/css/ 49 KB
7 KB 181ms
174ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.8.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 205e4853afd7ec80018e17064a0f71965ff0007e19babf0b88b0625843ea8e6b

Request headers

:path: /wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.8.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:06 GMT
server: nginx
etag: W/"60d0bd26-c314"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd642e41538cfb5a8977166b05488657a
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.guardicore.com/wp-content/themes/hello-elementor/ 6 KB
3 KB 182ms
174ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/themes/hello-elementor/style.min.css?ver=2.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5ddb2729aaae248b99bc553da916346ac6a8d144b7b1afde0ddcdf0eeda1589c

Request headers

:path: /wp-content/themes/hello-elementor/style.min.css?ver=2.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 23:05:38 GMT
server: nginx
etag: W/"6057d142-19e6"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf0823dad56356a0062746f5d499699a4b
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.min.css
www.guardicore.com/wp-content/themes/hello-elementor/ 5 KB
2 KB 329ms
321ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf6787a72f1d1013b60c768f8e6db80fd19249cdea059b86253980177ee1a0c9

Request headers

:path: /wp-content/themes/hello-elementor/theme.min.css?ver=2.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 23:05:38 GMT
server: nginx
etag: W/"6057d142-151b"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf0d4cb30c1c895aa9e5e782d9a2be17f8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.min.css
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/ 56 KB
12 KB 330ms
323ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:44:30 GMT
server: nginx
etag: W/"6057cc4e-df5c"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf5fa0aa5353e35b0a75076413a5f41212
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v4-shims.min.css
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/ 26 KB
4 KB 330ms
323ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b8b06e8edfab1dd4475c13ee021e4f582b075677a9018e2f0ba56cc3fc2f0b6

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:44:30 GMT
server: nginx
etag: W/"6057cc4e-684e"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf88f6f4a6b389ed97e8e7bf17b366d00e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 public.css
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/css/ 30 KB
4 KB 335ms
328ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.0.9
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29324a862ffba034fcc79da865e521ad3cb4bdfaf4acec27fd0c3d917fd960da

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.0.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:36 GMT
server: nginx
etag: W/"6057cc18-773e"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf2df1a67f3c687040a9e06308ed3fef5d
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-menu-general.css
www.guardicore.com/wp-content/uploads/jet-menu/ 731 B
505 B 335ms
328ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/jet-menu/jet-menu-general.css?ver=1623674327
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0018646720dd7fb919bd39bba73942b95a725590f3eca1dde849e088028b2b90

Request headers

:path: /wp-content/uploads/jet-menu/jet-menu-general.css?ver=1623674327
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 14 Jun 2021 12:38:47 GMT
server: nginx
etag: W/"60c74dd7-2db"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMff5954fa06e59362de5a9c31b611ffa9f
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-blocks.css
www.guardicore.com/wp-content/plugins/jet-blocks/assets/css/ 40 KB
5 KB 335ms
328ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.2.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ce04afdc3d195c9c5b1f7ab1a0c639f027a366ea68f673666b0b0add1d376dae

Request headers

:path: /wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.2.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:24 GMT
server: nginx
etag: W/"6057cc0c-9f00"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf49582a02daa74bf561fa764e5c7034d1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-elements.css
www.guardicore.com/wp-content/plugins/jet-elements/assets/css/ 234 KB
23 KB 335ms
329ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.5.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d4cfd8082109b47b94a9af2888657a68860315ad99736d4c9b0c49fb0152b68b

Request headers

:path: /wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:43 GMT
server: nginx
etag: W/"60da0b3f-3a86d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf105ff02145087cd7573c053e5d6b76c4
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-elements-skin.css
www.guardicore.com/wp-content/plugins/jet-elements/assets/css/ 17 KB
3 KB 335ms
329ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.5.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4aecb207b56cac3dfc7a264fdf05de9a1322885f1daa182167eab999570e384a

Request headers

:path: /wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:43 GMT
server: nginx
etag: W/"60da0b3f-43e6"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf4fb6a515e47b32aef0eaff7bcaf9139d
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 elementor-icons.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 17 KB
4 KB 335ms
329ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021

Request headers

:path: /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-4350"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf46eba5b36072a6617194113c011ef62b
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animations.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 335ms
329ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

:path: /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-4824"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf0ea3646bfb94d675dbc768524ac92ab0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-legacy.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/css/ 4 KB
832 B 328ms
322ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1e5aeaa58ab4c2345953f77e07fbc20578326076a259ed702eea64e077fde675

Request headers

:path: /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-f0e"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf9333ac669825cb4da840c5c960563d93
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/css/ 115 KB
17 KB 333ms
327ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3f9c38934fc41ee2a85f1a6e1ad59e96f7f1e73b9b4e653394708715d5ab32c5

Request headers

:path: /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-1cc44"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf886e82453d88021889aed213e59344f4
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-55514.css
www.guardicore.com/wp-content/uploads/elementor/css/ 4 KB
1 KB 334ms
328ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cda985523c372cef46674a191a25e985efb7639934d701b2f50f341a7326dfa7

Request headers

:path: /wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:37 GMT
server: nginx
etag: W/"60da0b75-117a"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMffd846381ec21c7fa950e6621029f81a8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
www.guardicore.com/wp-content/plugins/elementor-pro/assets/css/ 237 KB
27 KB 334ms
328ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ceaa8c47e55f50794d42966a696f0f35149ffd1560c46eecbca911d6b48d9371

Request headers

:path: /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-3b299"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfac103618dd23b09ebb50310924da23ff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-search.css
www.guardicore.com/wp-content/plugins/jet-search/assets/css/ 19 KB
4 KB 334ms
329ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.12
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a911565c50d12c7eddff1a62d2a410dbf4199e642d74628966126a9d9faaaec

Request headers

:path: /wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:08 GMT
server: nginx
etag: W/"60d0bd28-4a4e"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfaf539dae991f294da01a264dd96783c5
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-tricks-frontend.css
www.guardicore.com/wp-content/plugins/jet-tricks/assets/css/ 26 KB
3 KB 334ms
329ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.3.7
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 47ae8f0c316caf1b0820b3fc47281e73ee11896b90cd172022965474bb5eaa21

Request headers

:path: /wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.3.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 15:22:22 GMT
server: nginx
etag: W/"60ad162e-68a7"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf392fdb9f7f734b60a11bc56af08d8df9
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 global.css
www.guardicore.com/wp-content/uploads/elementor/css/ 111 KB
7 KB 335ms
329ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/global.css?ver=1624902517
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4a56c561bd003b2bfa260025204e2d68174e30f78a7d17556f892f1844c43f3

Request headers

:path: /wp-content/uploads/elementor/css/global.css?ver=1624902517
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:37 GMT
server: nginx
etag: W/"60da0b75-1ba4b"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf1e21bd74cde118db4e908366a8a331c3
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-62704.css
www.guardicore.com/wp-content/uploads/elementor/css/ 3 KB
893 B 337ms
332ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-62704.css?ver=1625055721
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 730865a3662dc048745e9d47ba1204827d6de6602367aeedaf425c49c1827cc4

Request headers

:path: /wp-content/uploads/elementor/css/post-62704.css?ver=1625055721
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 12:23:53 GMT
server: nginx
etag: W/"60dc6259-d1a"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf746f1a6466c10c3e88a4dba3a7db78ad
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-118.css
www.guardicore.com/wp-content/uploads/elementor/css/ 19 KB
3 KB 337ms
332ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-118.css?ver=1625100267
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cdce53dc078014ad2af66256afb166fddb4db77945fa4113ad3007459e3aa06

Request headers

:path: /wp-content/uploads/elementor/css/post-118.css?ver=1625100267
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 00:44:27 GMT
server: nginx
etag: W/"60dd0feb-4d95"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf7ae257acdf260b860fbe2a70a5aeb85e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-167.css
www.guardicore.com/wp-content/uploads/elementor/css/ 3 KB
969 B 337ms
332ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-167.css?ver=1624902517
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e10b7ee8ea3952cb3da15f41abe49fb69db8a01cc191179591c4c250d3d3391

Request headers

:path: /wp-content/uploads/elementor/css/post-167.css?ver=1624902517
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:37 GMT
server: nginx
etag: W/"60da0b75-d71"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf5426c699712f810f3d618d8f898548cc
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-38059.css
www.guardicore.com/wp-content/uploads/elementor/css/ 9 KB
2 KB 337ms
332ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-38059.css?ver=1624902518
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 661ecc75f2bc78cea2b6407201598bcac2c92c852aa77131c55254557c68e53c

Request headers

:path: /wp-content/uploads/elementor/css/post-38059.css?ver=1624902518
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:38 GMT
server: nginx
etag: W/"60da0b76-230c"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf679788f77d8aaffd20511a3cae21dc3c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-60370.css
www.guardicore.com/wp-content/uploads/elementor/css/ 3 KB
1 KB 337ms
333ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-60370.css?ver=1624902518
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 641f4e0a0380efe7b30ff0cd45dc2d02edeeb1988f3a96fddee0eca86d288164

Request headers

:path: /wp-content/uploads/elementor/css/post-60370.css?ver=1624902518
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:38 GMT
server: nginx
etag: W/"60da0b76-df2"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfa536a0dac559938924eaae74e22124c7
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.guardicore.com/wp-content/themes/hello-theme-child-master/ 623 B
650 B 337ms
333ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa4b003bb85142c7ff8d4fa84ba07f5a8c070cd2a504af3d406731884bd44fec

Request headers

:path: /wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 23:05:38 GMT
server: nginx
etag: W/"6057d142-26f"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf5db00727d429ac4ce2e534527710d409
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 337ms
333ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-e238"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf5b32398c6ffe7ca84f676c626dc0f808
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 solid.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
602 B 338ms
333ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-29d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfa65cc40e4cdeb7339c74971a82468925
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 brands.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 675 B
601 B 338ms
334ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 71008cf308a9bb2a3a3ddaa973f816c0d3a11db5cc9e7bdd5498089423019b3e

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-2a3"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfe3f051f600aafbe9d46196199dd79909
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.guardicore.com/wp-includes/js/jquery/ 87 KB
31 KB 340ms
336ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-15d98"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf190c11c20a0097275be13818d3f0c514
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.guardicore.com/wp-includes/js/jquery/ 11 KB
4 KB 341ms
337ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf35693f7870f41f501f80059ac7e1dbf6
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/ 215 KB
26 KB 341ms
337ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/frontend.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ea33b0ef01fbc24a9f2a3f6c858425fe2a19712e029eae43641ac3bfbc59c0e3

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/js/frontend.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-35b4d"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf2504f28177db38cdb8335ad22e1f969d
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 events.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/ 26 KB
4 KB 341ms
337ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/events.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 23711380d4aa9cb1d400ed80287482643d79b55ec2398da742d9804b8a12f216

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/js/events.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-6652"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf7a62b6b2f153382190c0580ccde9cccc
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 36ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-53878132-1

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dea55b37e19466581a356311932c0c963f4dfd933f72b25e52cd358274ec2a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37014
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jul 2021 13:06:15 GMT

GET
H2 200 frontend.min.css
www.guardicore.com/wp-content/plugins/elementor-pro/assets/css/ 237 KB
27 KB 338ms
335ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ceaa8c47e55f50794d42966a696f0f35149ffd1560c46eecbca911d6b48d9371

Request headers

:path: /wp-content/plugins/elementor-pro/assets/css/frontend.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-3b299"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf4e31a035db5e8aacff144589d2cf91ed
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-131.css
www.guardicore.com/wp-content/uploads/elementor/css/ 65 KB
6 KB 338ms
335ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-131.css
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: af71cb6decf2066c163b45f4b8b5283f9fa4043a5de26bcea4b11597afa4e090

Request headers

:path: /wp-content/uploads/elementor/css/post-131.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 15:29:58 GMT
server: nginx
etag: W/"60db3c76-1034d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf10a3cc3750490d834ea96321e9837f32
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-elements.css
www.guardicore.com/wp-content/plugins/jet-elements/assets/css/ 234 KB
23 KB 339ms
336ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d4cfd8082109b47b94a9af2888657a68860315ad99736d4c9b0c49fb0152b68b

Request headers

:path: /wp-content/plugins/jet-elements/assets/css/jet-elements.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:43 GMT
server: nginx
etag: W/"60da0b3f-3a86d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd19476a6969743a5d44e222225e01358
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-118.css
www.guardicore.com/wp-content/uploads/elementor/css/ 19 KB
3 KB 339ms
336ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-118.css
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cdce53dc078014ad2af66256afb166fddb4db77945fa4113ad3007459e3aa06

Request headers

:path: /wp-content/uploads/elementor/css/post-118.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 00:44:27 GMT
server: nginx
etag: W/"60dd0feb-4d95"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf5fb4f71a5ea15c53a140b91633ef887d
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.guardicore.com/wp-includes/js/ 14 KB
5 KB 168ms
163ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/wp-emoji-release.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-3795"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfdf1655535599f5b25ae383bcbb271b73
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
833 B 556ms
530ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZP5CrigrN8KyRz736r0CaPlKRSk9q%2F6L%2BFPnPRunXuCIDB4zSBThYnmPx5BvRq4oz6XTZ%2FzWxkeYz9an744rNDelwYzaGbqITT2MuEUILh9eEJ8hb2Xf%2F8KrY9I8K%2BjU6rljVj9f9V66Jnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf3b0aa505dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 post-30085.css
www.guardicore.com/wp-content/uploads/elementor/css/ 11 KB
1 KB 303ms
302ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-30085.css?ver=1625153783
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 13cbc75f4ec4fe7e354dff7e326e148da49f8a71b9bccd3f17605eba779a3f0d

Request headers

:path: /wp-content/uploads/elementor/css/post-30085.css?ver=1625153783
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:36:23 GMT
server: nginx
etag: W/"60dde0f7-2d28"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfadef9f6f5807edb29793faed490d0cdf
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-53226.css
www.guardicore.com/wp-content/uploads/elementor/css/ 3 KB
965 B 304ms
302ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-53226.css?ver=1624902518
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f770bc714b92d45af98259cc48f5b8033e6993147da9c35b70e7b845d379df25

Request headers

:path: /wp-content/uploads/elementor/css/post-53226.css?ver=1624902518
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:38 GMT
server: nginx
etag: W/"60da0b76-a3f"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf55ba5cd28e33b740b5820e203fa76746
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.js Show response
www.guardicore.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 304ms
302ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:17:18 GMT
server: nginx
etag: W/"6078d78e-5133"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfff4b29facd7666788f8f7424f05fb463
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datepicker.min.js Show response
www.guardicore.com/wp-includes/js/jquery/ui/ 35 KB
11 KB 304ms
302ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d

Request headers

:path: /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:17:18 GMT
server: nginx
etag: W/"6078d78e-8d34"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf2887647e87af196566efc39b63a9e4ca
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.typewatch.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/ 3 KB
2 KB 304ms
302ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/jquery.typewatch.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28aa95a989d5e46ee060bb0d443fcd699d31db7320673379fad857f77fc776a8

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/js/jquery.typewatch.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-bc5"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfac84a2798bf15fa78b5e5f1e6eca4d33
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featherlight.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/ 30 KB
9 KB 304ms
301ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/featherlight.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87a4d24f8fb09eae43f4e07568e22c9f714ad5a86296516dd3721d7328922d71

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/featherlight.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-785b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf1f838e84accdf8a90a0555e3f5e64ed9
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 select2.full.min.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/ 77 KB
22 KB 305ms
301ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/select2.full.min.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe5f91e8750420e8c460358e4ddf588f781c252c2426741e59132f238d6e6203

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/select2.full.min.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-132dd"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfaf79cec6d7c3576f7c5ad730787fce3e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltip.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/ 39 KB
10 KB 305ms
301ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltip.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b763b49b4a8f7afccef98cc8a40f450a31d6c69150d30acb3438d81331222d41

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltip.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-9bdd"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf17599e873bb168c386a92d66f63100bf
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lity.min.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/ 6 KB
3 KB 306ms
301ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/lity.min.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3b1ae6cec7f06d999f0695e08022868275f74821104092579bc1a848db0f34de

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/lity.min.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-188f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfece74641a260e93983f4533b75c31afa
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 colorbrightness.min.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/colorbrightness/ 942 B
852 B 306ms
301ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/colorbrightness/colorbrightness.min.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1396662705b0c8e4aece9ae751982e526b27e9e1271276d3bc02168d3491361e

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/colorbrightness/colorbrightness.min.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-3ae"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd6a97251df396e251d5be00824fb2e4e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/owl-carousel/ 107 KB
21 KB 571ms
566ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/owl-carousel/owl.carousel.min.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2253d28cf7e038400244b19b4fe87d90240a0388e16f0a145deeff4eaf47b14a

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/owl-carousel/owl.carousel.min.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-1ad6a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf58088149b660313e24696013bed398b2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vue.min.js Show response
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/ 91 KB
34 KB 574ms
569ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/vue.min.js?ver=2.6.11
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/js/vue.min.js?ver=2.6.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:36 GMT
server: nginx
etag: W/"6057cc18-16de6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfcc4d0aa622118513b2768ce04847ca15
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-menu-public-script.js Show response
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/ 43 KB
10 KB 577ms
573ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/jet-menu-public-script.js?ver=2.0.9
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 238665a4e9c6f3e6fd4c936f560856580b5f30d2aaf8e508d07a2f56a0516fc1

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/js/jet-menu-public-script.js?ver=2.0.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:36 GMT
server: nginx
etag: W/"6057cc18-ab29"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfa8cbe226caf9932494569b0cc5939429
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
www.guardicore.com/wp-includes/js/ 1 KB
1 KB 578ms
573ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/wp-embed.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-592"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf4e076e883c6e570369c0b8626cbe9226
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagesloaded.min.js Show response
www.guardicore.com/wp-includes/js/ 5 KB
2 KB 578ms
574ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

:path: /wp-includes/js/imagesloaded.min.js?ver=4.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-15fd"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfb0c25359c2d8e4944353662d9992d4b1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webpack-pro.runtime.min.js Show response
www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 578ms
574ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 52adbaf8b7004e3e0ef2b06be5492748eeef0bdfbc2d91b4aa3aa7ddd7028703

Request headers

:path: /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-1556"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf0ed1653ed0e7775c428f7b2952409c0b
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webpack.runtime.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 578ms
574ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b5641645c15c48b3ff5ce52e718563e1d04d18492e552eb126862768327e2855

Request headers

:path: /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-12a1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfbbc6ff7931e6c87070090c04015f43ca
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-modules.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/js/ 63 KB
22 KB 579ms
574ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d8e1bb6afaee4a9709470e6bc6712a4288aab63eff4a430e75935d0095648bb6

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-fd92"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf0a024fd88c021ad003c5db220d6f2b02
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.sticky.min.js Show response
www.guardicore.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
2 KB 579ms
575ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Request headers

:path: /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-19c3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf241001edb618ba12948f4cd0af1fdb1f
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/ 58 KB
16 KB 580ms
575ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 785c1179e9138a30fccbcd502d81ad2920049a12fd3d83fae433052e9be4c62f

Request headers

:path: /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-e60d"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf636704ea2c993b68c135d9d327be23ac
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 waypoints.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 580ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

:path: /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-2fa6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf9cab2a38e991928a013a8fa919b7c04f
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
35 KB 580ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

:path: /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-21f91"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf72dc2fa715e7e97cb8b09b8de7588693
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 share-link.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 579ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

:path: /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-a12"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf1a3052478d5277ce86ad04906e9cd5a3
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dialog.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/lib/dialog/ 11 KB
4 KB 579ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

:path: /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-2a6f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf60eaedff1a38b08c33d36066ea556788
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/js/ 66 KB
20 KB 579ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 17f076500dca787c42b1dd6238ce50a0752771eafd040e8512c713a7ec947c65

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-1086a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf35a2c485cfceca568e6d0a3cc38f0bbe
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 preloaded-elements-handlers.min.js Show response
www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/ 160 KB
39 KB 579ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 897ebbdf379aeb2c751275f083d298f15b094902c6bd6a66405ffb0604c64124

Request headers

:path: /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-27e8a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf6937828e15e91af63bcd262745ddab62
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-blocks.min.js Show response
www.guardicore.com/wp-content/plugins/jet-blocks/assets/js/ 17 KB
6 KB 579ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.2.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 32724c08701fcb0bb65c489c06718dca25268bc15b53bf0df19f89fbf8dd2676

Request headers

:path: /wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.2.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:24 GMT
server: nginx
etag: W/"6057cc0c-450b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfabae8c7a6c9a67297f5c04ef22ea016a
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-elements.min.js Show response
www.guardicore.com/wp-content/plugins/jet-elements/assets/js/ 63 KB
22 KB 579ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.5.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4604fb3649c76594567706713285dd8be0c3538a2c3b0edfd49d74c9f5147972

Request headers

:path: /wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:43 GMT
server: nginx
etag: W/"60da0b3f-fdc0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf00c760264a0e876e1da5ff3a5e97662d
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-menu-widgets-scripts.js Show response
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/ 11 KB
4 KB 579ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/jet-menu-widgets-scripts.js?ver=2.0.9
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3a7ddd6363de195ad182e5e26cdc0addd8ad09e6deba53fcd22831f9cb28803

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/js/jet-menu-widgets-scripts.js?ver=2.0.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:36 GMT
server: nginx
etag: W/"6057cc18-2c61"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf9285b69625a8c6c025d6bda532b414e5
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 popperjs.js Show response
www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/ 18 KB
7 KB 579ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dd1617feba063690e3bf1621308e1af67c6cabcdb2602e5a1df3a14b02b94d05

Request headers

:path: /wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 15:22:22 GMT
server: nginx
etag: W/"60ad162e-487a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf89a6f5dfb3bbc9fbd643c657f4f1cd92
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tippy-bundle.js Show response
www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/ 76 KB
19 KB 579ms
576ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ea8db732b0c05833c674be800e81bf8dc72919a00feafde206c1f6001d1c6bcf

Request headers

:path: /wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 15:22:22 GMT
server: nginx
etag: W/"60ad162e-13099"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd754d41ffc2d5035b5ba224afa685638
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-tricks-frontend.js Show response
www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/ 21 KB
5 KB 579ms
577ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.3.7
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 552816c0181f22f4dc11728b99d077587e09299d57ecc9539a95233ba59d2b51

Request headers

:path: /wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.3.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 15:22:22 GMT
server: nginx
etag: W/"60ad162e-5499"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf4b0f563089457e91fa1fc2791e26da8c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 preloaded-modules.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/js/ 57 KB
17 KB 579ms
577ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d882dbd828af87ed3434862bf608a2dee6d347817ae547421c9b2051ce29a905

Request headers

:path: /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-e2e0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfcc352ed3100dbe58e7cb5da18c1b1c9e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 underscore.min.js Show response
www.guardicore.com/wp-includes/js/ 16 KB
6 KB 579ms
577ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:17:18 GMT
server: nginx
etag: W/"6078d78e-3ead"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfae0f7787d8b2ae2282e60d276b5720e2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-util.min.js Show response
www.guardicore.com/wp-includes/js/ 1 KB
892 B 302ms
300ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/wp-util.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589

Request headers

:path: /wp-includes/js/wp-util.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-435"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf1c6f5fd7fd1a368cd97d1dbd661a7233
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-search.js Show response
www.guardicore.com/wp-content/plugins/jet-search/assets/js/ 13 KB
3 KB 567ms
565ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-search/assets/js/jet-search.js?ver=2.1.12
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ef5778f747401ce5abeaa4accff79fa721b062dd375572c06e185e9f49130746

Request headers

:path: /wp-content/plugins/jet-search/assets/js/jet-search.js?ver=2.1.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:08 GMT
server: nginx
etag: W/"60d0bd28-33e2"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfe5330f3b9deaeaf07f208ec9054234d0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.js Show response
www.guardicore.com/wp-content/plugins/jet-engine/assets/js/ 37 KB
8 KB 569ms
567ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-engine/assets/js/frontend.js?ver=2.8.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 23ad59d8614ad388eb5341dd0b4db738694d4eb9d18ddf4bd057e18f665c0f1a

Request headers

:path: /wp-content/plugins/jet-engine/assets/js/frontend.js?ver=2.8.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:06 GMT
server: nginx
etag: W/"60d0bd26-9547"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMffe6257eea206c0bf46f76c89fb4959cb
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 411ms
109ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VmxHvE3NbNwuSiXfLJKwvDZkCSS7RkcK9IIZzL0K4jDuRpgXR4ZXiFtp8e7YGLzwAJjI%2FQTb1%2FDbbgRNNO5UtgADkKGVVakiyZKr6xsRla1jQtyzizXyj0wqzC4F0r9BcFhEtZjLf7CXM7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf40788205dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 23 KB
8 KB 91ms
28ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

da1b60970149580c709bbc357622d24e7029d658e852e74ef1d861ffb22ad219

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 7764
Pragma: no-cache
Last-Modified: Wed, 17 Mar 2021 01:04:50 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "605155b2-5d6b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Mon, 05 Jul 2021 13:06:15 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
792 B 713ms
412ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YkC4P2Hqls3mllj%2FKGFsoTDuifJMb7%2BNqyeRWJlI0ENIAR1z2ciM4cMmU%2FsxoR6MrM1%2BTnOFbsLIoj5c0NRIyW5bHtshvEdzNxPORxPFNitg0hPzAx2VSysEKrRD7tsl%2FldOjOmHoStrQZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf40788905dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
433 B 412ms
111ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gdQTLuQygs0XR1UED0La61v1EnFiZYXa7au0B5p5imgeTqAsPLF6cODf6gLD8CDUgebU5mvZNtuC4eI9bQhP5rFSHQe%2F0flBpP85dT9AqVarIttUPoBYupgmd%2FjvOOKDUIisHpNN2G04a1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf40788d05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
61 KB 42ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eadeeab2d21bc67094131dec97cf17504bdfae31d1bd1dfd329cd741f0677ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62000
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jul 2021 13:06:15 GMT

GET
H/1.0 200
OK Cookie set 29ntk8 Show response
go.guardicore.com/l/503441/2019-11-13/ Frame B745 7 KB
3 KB 711ms
295ms Document
text/html 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: f6ea484d6d98cf40416aa534105ecefa98b468463f86f63321d4ff473f266ebe

Request headers

Host: go.guardicore.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.guardicore.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guardicore.com/

Response headers

Date: Mon, 05 Jul 2021 13:06:15 GMT
Set-Cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitor_id503441=427868592; expires=Wed, 24-Aug-2022 13:06:16 GMT; Max-Age=35856000; path=/; secure; SameSite=None visitor_id503441-hash=3248c4e072e549efbf229f3d9e1f27f6f871780fa245afb0df3ba2bf08225d0d35f96035b9d5080fc6b336a1dd12155d586d4ea5; expires=Wed, 24-Aug-2022 13:06:16 GMT; Max-Age=35856000; path=/; secure; SameSite=None
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Pardot-Rsp: 17/6/19
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2381
Content-Type: text/html; charset=utf-8
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
Server: PardotServer
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
Connection: keep-alive

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
433 B 749ms
449ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ncel6VYYsBPrsy4OB08YUuP6mwAFBpWcxg6GcJcBZT2XumFZ1qMAFHvsRmyDdNAupWcrQP1HuJxBIIuKUO0t9IUC6WRDQWM2C9fJMChIsie251bBlpvD1UM9h3JE4erW9Wu1LIgEkZ5BMxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf40789d05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
442 B 707ms
407ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BOV35FqavI%2F6KwtJ0okDyG9lYI%2FQ0I9ECTWWwtgedc9qbki%2BBDreUTpuRbuAe9v%2BVo%2FJ9CtxCrOiPmfaMv5A8vZrrUdYQ9N1OQyJ84xyV1aXooN2Y0tHkWxiigbZM47yl2Jyr%2FWXWnCJ%2BTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf40789e05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 Indexsinas-Labs-Blog-Header-1920x450px.jpg
www.guardicore.com/wp-content/uploads/ 142 KB
142 KB 164ms
164ms Image
image/jpeg 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/Indexsinas-Labs-Blog-Header-1920x450px.jpg
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5be724742b18d242a2532bded133564f8d8327b2ff622c4073f8a213cc67b16

Request headers

:path: /wp-content/uploads/Indexsinas-Labs-Blog-Header-1920x450px.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Tue, 29 Jun 2021 12:15:22 GMT
server: nginx
etag: "60db0eda-236fb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 145147
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf544eaec667ea16e1de8e23d01a33ef26
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Vector-5.svg
www.guardicore.com/wp-content/uploads/ 539 B
620 B 163ms
162ms Image
image/svg+xml 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/Vector-5.svg
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 55d372262d6c1aca75034d99cb49419689270ff74765adf77ed15ded9ece52fe

Request headers

:path: /wp-content/uploads/Vector-5.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 23:02:59 GMT
server: nginx
etag: W/"6057d0a3-21b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfb2c37d166b0b18af87c7e8f95811f566
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Graphik-Semibold.woff2
www.guardicore.com/wp-content/uploads/ 42 KB
42 KB 163ms
163ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/Graphik-Semibold.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88c7b96dcdb3c0c4d52f8dcfdc11b012497f5f4d2c31bcdd9ac429050d60c4a1

Request headers

:path: /wp-content/uploads/Graphik-Semibold.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Sun, 21 Mar 2021 22:48:32 GMT
server: nginx
etag: "6057cd40-a608"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 42504
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfa5dda96bdf8e98ded292f322f55bba63
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 78 KB
79 KB 163ms
163ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: "60d0bd23-139ac"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 80300
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf751b91df84c1b2dfd633379fc5913c36
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Graphik-Bold.woff2
www.guardicore.com/wp-content/uploads/ 41 KB
42 KB 165ms
165ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/Graphik-Bold.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5e13437dee929c20638ff3b3be2c584b73ecdf3188cdaa5215a498b855240789

Request headers

:path: /wp-content/uploads/Graphik-Bold.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Sun, 21 Mar 2021 22:55:21 GMT
server: nginx
etag: "6057ced9-a578"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 42360
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfa2c02a57e83c727364b7baa285ee0a00
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-brands-400.woff2
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 77 KB
77 KB 165ms
165ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: "60d0bd23-1327c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 78460
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfca9a623ab84e1cb9ac770284153e1cd5
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Guardicore-Logo-2C-Purple-White-RGB-1024x411.png
www.guardicore.com/wp-content/uploads/ 29 KB
29 KB 164ms
163ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/Guardicore-Logo-2C-Purple-White-RGB-1024x411.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3c905981a0c3eb45cb3aa610f847bc3fc70a126acff5fc79c9d4d78dea3ee7ce

Request headers

:path: /wp-content/uploads/Guardicore-Logo-2C-Purple-White-RGB-1024x411.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Mon, 07 Jun 2021 21:05:46 GMT
server: nginx
etag: "60be8a2a-7317"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 29463
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf40b847cd0cf24d6a824d8edca85e3eea
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
445 B 427ms
126ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V%2BCxKK2nvSuk8ZhX5ePpVV3ZI2%2FR05ae73wZ0nyXMRhKXWElQG8y2Uowsmu8HrZRzglC%2B%2BJ%2FFxEOgXXUGkIy9CVcpdRRD%2BsbXN0WAWQ0F2Gc8uraY3SnxE4VJgJXgSvKMLtd2tHggb%2F9XCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf411a6e05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 f95ee8c4fc857b3c70e477ed7fe99ca2
secure.gravatar.com/avatar/ 1 KB
2 KB 25ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f95ee8c4fc857b3c70e477ed7fe99ca2?s=96&d=mm&r=g
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f95ee8c4fc857b3c70e477ed7fe99ca2.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/f95ee8c4fc857b3c70e477ed7fe99ca2?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Mon, 05 Jul 2021 13:11:15 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
434 B 710ms
409ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GrHslum02vpYeBPIdcoVH14U06mU21QOkXO9KA%2Bxb0gZhVYhKtAAsujBL2TEx7i8FtuqAYksgIiWuV0j8TXx13ejBpa1zeUs7dbR4OP9bs4MZZ4WxvmJ1gNiYYpkzxmfIB9Uw3R%2BAdCTZ3s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf411a7405dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 c6df2c91220bf7941cbdc4fb85156241
secure.gravatar.com/avatar/ 1 KB
2 KB 24ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c6df2c91220bf7941cbdc4fb85156241?s=96&d=mm&r=g
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c6df2c91220bf7941cbdc4fb85156241.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/c6df2c91220bf7941cbdc4fb85156241?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Mon, 05 Jul 2021 13:11:15 GMT

GET
H2 200 indexsinas-graph-1024x704.png
www.guardicore.com/wp-content/uploads/ 90 KB
91 KB 164ms
163ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/indexsinas-graph-1024x704.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ee3bf73c6c9ad57355c0ea3d028c8578295c733d1386e9a884f12ee3fa87f0c2

Request headers

:path: /wp-content/uploads/indexsinas-graph-1024x704.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Tue, 29 Jun 2021 16:18:21 GMT
server: nginx
etag: "60db47cd-16957"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 92503
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfe3cd37e0f0951395db9d934d73df0dde
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 indexsinas-map-1024x640.png
www.guardicore.com/wp-content/uploads/ 169 KB
170 KB 164ms
164ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/indexsinas-map-1024x640.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: be28a35c24df4d07890eb60a8dc916d76b648a012b33439a11df136d5b6bb3f6

Request headers

:path: /wp-content/uploads/indexsinas-map-1024x640.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Tue, 29 Jun 2021 16:19:39 GMT
server: nginx
etag: "60db481b-2a42b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 173099
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf914ee8ae6334cff1caa34b7d2bc58523
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 im-op1-banner-1.png
www.guardicore.com/wp-content/uploads/ 63 KB
64 KB 165ms
165ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/im-op1-banner-1.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1a74087f01c6bf2309a2f5d7ddb8c2309f5fac988dccd6a72e283ef5eb70a347

Request headers

:path: /wp-content/uploads/im-op1-banner-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Sun, 21 Mar 2021 23:00:01 GMT
server: nginx
etag: "6057cff1-fd20"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 64800
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf8a13c6fa38ee8da4d4983a0b005be784
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 threat-intelligence-banner-1.png
www.guardicore.com/wp-content/uploads/ 21 KB
22 KB 168ms
168ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/threat-intelligence-banner-1.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b9a7bdede208dc634debc53edee3ab4c7412e97063bd350c4726fb7625b532f

Request headers

:path: /wp-content/uploads/threat-intelligence-banner-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Sun, 21 Mar 2021 23:02:01 GMT
server: nginx
etag: "6057d069-55e7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 21991
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf293beff31c657ef5de7ae469aa02c8e2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JB41vmcC4ixUuR5dsrXKpe Show response
whimsical.com/embed/ Frame DF40 12 KB
5 KB 405ms
345ms Document
text/html 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.221.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-221-128.lhr61.r.cloudfront.net

Software

Resource Hash

288960b7f569d9400fcee66853782b5c32613018935c0571e411237ba32b861f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: whimsical.com
:scheme: https
:path: /embed/JB41vmcC4ixUuR5dsrXKpe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guardicore.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guardicore.com/

Response headers

content-type: text/html
date: Mon, 05 Jul 2021 13:06:15 GMT
vary: Accept-Encoding
set-cookie: AWSALB=kT/1//mSctB/2FGyb49d0t0InMX8ZShz1g5mr9O/Bv6UfohdKQ6mfXuFSekHmGcB+4UFSvfO8HVF3OiFlXHrNZv2R6aN226oYztCGNn8dYrty919ygcvGhe4Vddq; Expires=Mon, 12 Jul 2021 13:06:15 GMT; Path=/ AWSALBCORS=kT/1//mSctB/2FGyb49d0t0InMX8ZShz1g5mr9O/Bv6UfohdKQ6mfXuFSekHmGcB+4UFSvfO8HVF3OiFlXHrNZv2R6aN226oYztCGNn8dYrty919ygcvGhe4Vddq; Expires=Mon, 12 Jul 2021 13:06:15 GMT; Path=/; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: interest-cohort=()
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: 75ich9kO-pTEm42Y6bJ8-DV6-6KWCGsAecjZj5JPhfAzHUBAtzSSyw==

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
435 B 416ms
116ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qZGSoZAZTWaFwAr38J%2F8f5gUtxMQ2OWkJ%2BfppUs3309mEkzp1xI5nsqSwAriRaIBGnwSBiQuIIKvdqeFZcbMuNpgImGHsKweY5iPePSFTtiCxosFT8RFTBZoSpcvcxp1SFi0hmR0hf3tpYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf413ab605dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
458 B 464ms
163ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4QaMn26btFF%2BHEsLBEAUAMhAMPWsin6H9TtrE11nfy2E7jAPNTJnoZzMUAElXnuNhS3NWdrzmTMpoK4dPadUStukQBrn6MiDhfwoFhHWrZlCjjrpckavW0OwYs9zvXjsIKhMqoexL5%2FV0wI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf415b1505dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
437 B 690ms
389ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/vue.min.js?ver=2.6.11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SqW%2FZn8qSqMZRbYvtbRaEnqWQ14xjBrydOGtVlMya20h1e4uL83zVAJyBrZsxVpbt%2BLGVGSmFtA2r6X7XseINjQQywrpsG7xk72R1IcrhA4b6PNu4f77xescbkupP4z%2BFRRm%2Bh7iptbnWDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf417b8505dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 get-menu-items Show response
www.guardicore.com/wp-json/jet-menu-api/v1/ 11 KB
3 KB 313ms
313ms XHR
application/json 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guardicore.com/wp-json/jet-menu-api/v1/get-menu-items?menu_id=246&dev=false&lang=false

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

140.124.235.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e1549773d59ab2805e4db4ea0475b33a0e0295702d0f15c12107fc60e2caa99a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
:path: /wp-json/jet-menu-api/v1/get-menu-items?menu_id=246&dev=false&lang=false
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
x-wp-nonce: 20df2d564c
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.guardicore.com/
X-Requested-With: XMLHttpRequest
X-WP-Nonce: 20df2d564c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
content-security-policy-report-only: frame-ancestors 'none'; default-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline'; style-src 'self' 'report-sample' 'unsafe-inline'; object-src 'none'; frame-src infectionmonkey.optimizeme.online; child-src 'none'; img-src 'self'; font-src 'self' *.gstatic.com; connect-src *.guardicore.com *.optimizeme.online; manifest-src 'none'; base-uri 'self'; form-action 'none'; media-src 'none'; prefetch-src 'none'; worker-src 'none'; report-uri https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-kinsta-cache: BYPASS
vary: Accept-Encoding Origin
x-xss-protection: 1; mode=block
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
referrer-policy: strict-origin
server: nginx
x-wp-nonce: 20df2d564c
x-frame-options: SAMEORIGIN
allow: GET
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
permissions-policy: geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
content-security-policy: upgrade-insecure-requests
x-robots-tag: noindex
link: <https://www.guardicore.com/wp-json/>; rel="https://api.w.org/"
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf2788ecb66e2067d716a5e1ae6fc7c96d

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
439 B 728ms
427ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53878132-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cCwcKPyGt5ZuM2JugKF9rwPIaPoZ0fu6yeTlaxVtxqgeRFmn94DXRG3v8ySTFZ4GfKq89nwPNOsXnq6cGfwz%2B0Mo8OCvAnqYOg4Q84Gqq0xb2Bc2Uz0PVDYTW564z%2BTQB%2BdtNu66ovq%2B5H8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf422db605dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53878132-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4815
date: Mon, 05 Jul 2021 11:46:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 05 Jul 2021 13:46:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
797 B 732ms
432ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=g2DkwC8anF0m7%2FV3SK0EceU4T8rWTFR1q9VLBjwvVq%2B8AWRS5ekrRYZXudVLZoXZaMDD53FfWkc%2BMpnzh1UONZ1swqwP5KihfRyZqD%2B7iFQZEFI97%2F2ZFFCOLaS1p2KVl3opTob6%2FR6RX%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf422db805dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=34924
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
459 B 692ms
391ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RUv54bxobcjl2IAusqgZwLCqkoExR32TPnJgqEDjG8PHE%2FRAxQW7EpoZcIfYFfpXPcam9FAZMHHiaUfvbrg0JVTtUsbv6LTm7jJh1TFmAjnEcUCSaUaGI%2BIPFo06bd2GrOxmNCvNcbP8jd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf422db905dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
445 B 436ms
136ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uFQG5dMzTURC7Yxz06FSCYRVd2baw3aDwjr1sN%2BM818UPM9%2FAGnvYzThApmd1hH%2BbK5jKpJ5l9UOBBx7b%2FW8%2Fk3cHKOAT6yZzbR%2FsztTM%2FwNAQ9oPlML0w%2BA4r48VvHnRZDacOG0HqfO04A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf422dbb05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 96ms
36ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 1690124483490796579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 13:06:15 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
434 B 429ms
128ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sfWllUraa9W%2Fv2mQGbQCNiNTPrxnEALaJPytxQjZpf75gaI6pUGYs12QQ0Dhhnwvv9DWmbimDy9BmQHW1JQ6aqXb6ejrbWV%2FDV2aQyHR1eTW0Kqk72SXuQBxg0ul2cfKg7cTef0gn4t1gXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf422dbd05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 hotjar-956284.js Show response
static.hotjar.com/c/ 4 KB
2 KB 130ms
60ms Script
application/javascript 13.225.87.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-956284.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-76.fra2.r.cloudfront.net

Software

Resource Hash

08314d800c2117a8da2191541640b44c310ad2e80c6c0c909952507e57d35058

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/62942a71ca62539e640dd10e59c2f781
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1879
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
x-amz-cf-id: 6vAywELKaE-7-HlwuT4NoRkDwqnbh0z93DGuqciKjIu2CBBTuBi4FA==

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
440 B 728ms
427ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yNov23d6T5Y1HgYlwBeVp47YS6GsgtbvAVCp3C7OWhV2rwS38%2FcnA0ru%2FgvKq1nt%2BysBDgKRCHKjANpG9A%2FuinazL1WPNMAR6%2B%2FdB0OnauYOgRVU0Wb3lu0EMd0OqM2sToV8NAZkw8hpZbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf422dbe05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 47ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: 4A28A80791584D19A48DBD08D2DC1698 Ref B: FRAEDGE1310 Ref C: 2021-07-05T13:06:15Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
436 B 433ms
133ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vBxdE1k1YV8O29V9BYUZiyBCsj4RLasCdtqV6Q76mYHWUB4%2Bhtg2rCZtbyyo7S5t%2FSpQr1OpxTTWG7t2OSzFbkiwdEwx7PwQiPGXE2RlEVnzVzMvOBaJnOam8yntionursbGZiyZMRQHOo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf422dbf05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 86ms
27ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
via: 1.1 varnish
last-modified: Fri, 02 Jul 2021 22:49:15 GMT
age: 47190
etag: "cf581d46c3059bf617cb7f732c21a59e+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1625490376.805518,VS0,VE0
x-served-by: cache-fra19176-FRA

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 424ms
124ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: t.co
URL: https://t.co/oHdkaebuMi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LKdVane7Kk1mapoFcKqZdjQawLCWigm9Di3InnyDsgz%2FnZj7iCgz%2BMB0iXKgn759rf%2FmFF7vJOhLv%2FWritO%2B7QStwEpcOFhJuZrFIiRxDiairriWO8BMcD2xHjzfP2NgLs2olaqQnz0vCv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf422dc105dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/oHdkaebuMi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: PblFIwBXpwEeiu832hI3tvGYhYCBsa5Ix52ym2Mh6MBO1lnkaybn7Ju9WKXprHhJAt9nKxXtiKHLmwRbjyI7GQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Mon, 05 Jul 2021 13:06:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
442 B 681ms
380ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TsxE%2BXJ4vv36rFZ0rwuwcILGekpjwiX8511B0cnnxy%2FTRHkso%2B1L5omBucIakRmhhabtNFi9dbMd5g3mFJFQpuD%2B%2B%2FziQ5YrgcDTFEGM6HQ52W1Hj2q0FGnN%2B6ozjpLG1dzLkWZxrZeD8Kc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf424dd605dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 1f44b.svg
s.w.org/images/core/emoji/13.0.1/svg/ 2 KB
987 B 64ms
19ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/1f44b.svg

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

1c8231e24838de4ad2d966d5cb48563a2a6e540a15848d337fa3c466d0730775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 683ms
383ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ze1ApzP9e95SOSyvl%2FYO0BVyTUq6anacjkV8hpdBuP3F5gac7%2Bq%2BM7aFiH28vrglBSkRlWjdDks4CtoQo7598rkpv3%2BBYGjzylDOZg1jJYQ4q1APHIlq5ZZ6ugCqiIlX60QS1U3TsrhNTcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf427e6505dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1430779651&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=900064163&gjid=1201718350&cid=1795484937.1625490376&tid=UA-53878132-1&_gid=1073481397.1625490376&_r=1&gtm=2ou6u0&z=1222679643

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guardicore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
461 B 465ms
164ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P5ilMxRgffwEjtcQ7WtA1libks%2FcuH42%2FRm6rBqPaxXvvPyOuJO%2Br2x5ea1Og0J5%2BW7inFfc7XA6hvg4NuQXPRP0VYnJIy8dTBeUZDpDuSN45SHfGsgwsqoXYwczu0jy6m9D4I4BU9CvL4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf428e7505dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-53878132-1&cid=1795484937.1625490376&jid=1311174554&gjid=994611584&_gid=1073481397.1625490376&_u=YGDAgUABAAAAAG~&z=768702385

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 05 Jul 2021 13:06:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.guardicore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 911ms
611ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eeBra7tHS85I4p2Z%2BlE7wHDQ3YIoR4mUAjmQOtluNjbQ3IjRDN4HrpWMPPgriLtqkpbOhY9gbr3ogrlxnKXOZjaZtBG4bE4o5vvlALkLJywUiu57YtX%2FJAn7ObL7MhEqZ3LrJO4K%2BJbYgpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf428e7705dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1430779651&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAAAAC~&jid=1311174554&gjid=994611584&cid=1795484937.1625490376&tid=UA-53878132-1&_gid=1073481397.1625490376&gtm=2wg6u0WDRGX6B&z=417396046

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jul 2021 19:37:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62954
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
467 B 737ms
437ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LVlMtTFQTLihM6F%2FpOAE6IR%2BB83%2B3THKGZQ%2BwwKJWvXzmhED%2BGgwmgurU3ZBlQs7ZjliS2GB9wEw2T1UrOjTeKIgVGp2dWYx%2F8g7mt4DlOKsh3aq9VrqqoEdRmYIm%2BkIunzTAJWVed6T5fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf428e8105dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490375786&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D265698%26time%3D1625490375786%26url%3Dhttps%253A%252F%252Fwww.guardicore.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490375786&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490375786&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true&e_ipv6=AQLnAyxoUo3w5gAAAXp2xsfkhR7_qDF...

0
156 B

345ms
147ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490375786&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true&e_ipv6=AQLnAyxoUo3w5gAAAXp2xsfkhR7_qDFWLtco5ek1ZiO0G6zn-tP6zIcJ4LRPkPV0HTuFrp1M
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:17 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: XJ+ZuuLmjhbAJslOOSsAAA==

Redirect headers

date: Mon, 05 Jul 2021 13:06:16 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490375786&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true&e_ipv6=AQLnAyxoUo3w5gAAAXp2xsfkhR7_qDFWLtco5ek1ZiO0G6zn-tP6zIcJ4LRPkPV0HTuFrp1M
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: WuTWpuLmjhagpEszxSoAAA==

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
440 B 728ms
427ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gYHrk1mdn3rM%2BwApcd%2B0zOhyC3CQL2MsuXlcaAik4wNzvUhExc4bAlOBKw2jhqhwD2nZ%2FClaSePRr9ChtyIcocnr38l4SN%2F7%2FHni2F%2F9W9wpflGdeJLR2lBHOfzZMTdcVfCOuwhRjTpPXwM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf429e9b05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 260002655494040 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 49ms
48ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/260002655494040?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c87e155f6dd4a48a9c96082e28afe41af493426dcfa72f2bb64a9d48d750e5e5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: dIc3dmqUW4QHjCm9rgJS/2oLyIbD8HkWAptZ9emQ83Tw2ykk4uQzZy0dh3fhJI2I2XSXE+Hb1UXqWR9q4tO8fA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 05 Jul 2021 13:06:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
441 B 431ms
131ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ePyaY9enGFH3lTV3ZI6r42%2Ftg1VUvn1NTcsfukrDaJZz%2BNE9t6tRBeYeJR6nU7zOCDfftQgtxFpi%2FgkHi%2FPOecWFzsSFI%2BO7f9R91Yhn3itiKiJm0k9dh0kWM5wZ%2BCgJcuNS%2BSYwCZATths%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf42aec305dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
15ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-53878132-1&cid=1795484937.1625490376&jid=900064163&gjid=1201718350&_gid=1073481397.1625490376&_u=YEBAAUAAAAAAAC~&z=1238238327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 05 Jul 2021 13:06:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.guardicore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
439 B 454ms
152ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bteRLG5Vt3WEnSfq8OjG8509%2BuHm6qrSNHysTPw2f1YoBVxkAmB%2BR4u8PPgDC3CHxqOq3WZ1GEoMx%2ByiJpB9Nl0KVi4njSlIllwWYXgAwhSyCZ6h4zM4JrM4kTkTcUEHRbHRNeyfTrOWR9w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf42aec805dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-53878132-1&cid=1795484937.1625490376&jid=1311174554&_u=YGDAgUABAAAAAG~&z=1841870070

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
441 B 732ms
430ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0wpGX%2BjP2JKz915RA5MKGHqcXTAdZOQ4m4LAf3Cj4xtff2ZfQOiRi2p56y%2FBJcmNHB%2B1LUDh18wPtG5G9dBqrJMMKW23U%2BYlWFQAIHxZj3iWxHXzTSKF0WF%2Fa78JDAcbqYRmYSk5Y5bQmSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf42aec905dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-53878132-1&cid=1795484937.1625490376&jid=1311174554&_u=YGDAgUABAAAAAG~&z=1841870070

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
436 B 503ms
203ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y4mzfxHO2D%2FK3cFCkPRwiMUfMmW8bBm4e7JtzPj2Mu8geEir8waDn6timpQwZWJoyhGqfKcTIG5wq%2BN1SjzcSWn2tpfl7YkqbRTdmecfekhLLlTP9cOlSYCvxg60N%2BHMZlLk14l9gsxyt0U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf42aecd05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 204 25022092.js Show response
bat.bing.com/p/action/ 0
127 B 163ms
163ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25022092.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Jul 2021 13:06:15 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 8AE194C8A4D74AA7BFE812B16A9C4BD8 Ref B: FRAEDGE1310 Ref C: 2021-07-05T13:06:15Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
445 B 711ms
410ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Qqj%2B3O0pyB4HhL%2FdrJr4Mgm5G5JR62EoqyXU4YJynRB%2BQWpyK2tRsL9lNEkihQOnsYZ3Smiz5Oz2wK%2F8MkBXlIKiGTroESKP%2BNX57jqxO2lW%2FZn88lyphQro6axboyZdqgm%2Ft36nrT%2FXAfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf42aed705dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 204 0
bat.bing.com/action/ 0
148 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25022092&tm=gtm001&Ver=2&mid=7c63d909-f9ae-4096-b0dd-d593140a9286&sid=c7dc8cc0dd9111ebb34bcbabd20718c4&vid=c7dca5e0dd9111ebb1ff2bb196d5ab24&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&p=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&r=https%3A%2F%2Ft.co%2F&lt=1955&evt=pageLoad&msclkid=N&sv=1&rn=111131
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 05 Jul 2021 13:06:15 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 3B3E7C76A1F4422C96365184252B3921 Ref B: FRAEDGE1310 Ref C: 2021-07-05T13:06:15Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 439ms
138ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vaubWpFfngiyaR2sBC9h%2B5OWP%2B9YPkBgXUTObGJfVylCQOxoCU7xBSg1zf6O0tFJIyj6r7u0Nb8tOqKD5%2FbOOEmSThHIDXTrSNOos7BKhNQilIXpiTXcLdR4U4H97d4nnopQrwkuC6GvtRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf42cf2c05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 adsct
t.co/i/ 43 B
360 B 132ms
132ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o0jty&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 05 Jul 2021 13:06:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 31232488651f987e6f886d8737f45fb1f9adf0cd81e81982cfd3d6bdc3587bc8
x-transaction: 6b8beaf531ae6e74
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
435 B 684ms
383ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=elsKqiQ3FuHtTnmRyDKD%2Biv8q6clePTB2gS9CsDVdesNFXtolUPtYS%2Fjz4CqIWqCVjQMLe8obq6sRWParWbdSlUDmBEiHr1MuKgdigjFRZUt1L6A2BuQR82vzNGa6Mf8m7VKkVcFLchxBYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf42df4d05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 40ms
37ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-53878132-1&cid=1795484937.1625490376&jid=900064163&_u=YEBAAUAAAAAAAC~&z=1251162761

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
795 B 433ms
132ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rLqvcrBsyE7MRuQKB%2FdTUUcRIR%2Fo0zAjZXAYCCxUXOCjMBhJEu08aJ1zmZ%2FEVzWuSvvfiCQOjQRUQsqAfiPuM5CWhsMYl%2BtMhRRZ61AMPRRoTHsKRQi5fl3uUjF%2FqN73zGPEf4G1N4dkX5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf42df5105dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-53878132-1&cid=1795484937.1625490376&jid=900064163&_u=YEBAAUAAAAAAAC~&z=1251162761

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
443 B 459ms
158ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s3xHZz0Eo3YqleFOFNNfADOOPopacN%2B0oGB%2F8X%2B1bAF8D6ZBOBvKTv6rPaNaLLRSPTNNUajUPpX%2BzdpifarV5WF%2FtBgr1iIBldkurl635HGMpM0RZlZhCUp59JXK68s%2F37iY%2Fj4k7yyCKk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf42ef7805dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/?random=1625490375838&cv=9&fst=1625490375838&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&ref=https%3A%2F%2Ft.co%2F&tiba=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea8b7b4867b15503d8ab0eac1f3bd7ad3b4d99efc82f1fc0f959316413f1e1aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
437 B 717ms
416ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7LzDjUdUYGnxSOhXE139Ke6TpAgkJjkT1fXbUAiiGZwOiQMS2s89Yz2c552LN3QSc16Z33Ah%2FxQkKE6pLVLH0o8%2BliARyq5ysg43ZbHwM6wVa6VEPEpNHQVn9b%2ByTxo5U453v1aOCZxnFx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf431fcf05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260002655494040&ev=PageView&dl=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1625490375867&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625490375867.916258105&it=1625490375794&coo=false&rqm=GET

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 05 Jul 2021 13:06:15 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
794 B 725ms
424ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aXe2XRR%2BF51QnI3JwZbbEyiQGyvx0UGHusOCOizK27aCHqsdlqn5bCrQS1J1XP3TLGT5lQnEX0tLEPDkTjt9axfabazWtVtd3pF2XT%2F05Q1%2BWvAjW%2BZuioY%2BW%2BPa0UIWBF5aT2nSdZB1t40%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf431fe205dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/814034752/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814034752/?random=1625490375838&cv=9&fst=1625490000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&ref=https%3A%2F%2Ft.co%2F&tiba=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&async=1&fmt=3&is_vtc=1&random=4266788462&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
437 B 700ms
399ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mwwcZ4lMpxqy614OuCF6Br1h5SewSGpg1IV0MBmO9XqXBoSN9f3Z%2FevMEkYl2A1PL2wbUGwGkRxSN5dppbjXiHdRUfTvTw8knvni4rlOE%2BQyZdrdQC9iNbdYLZ6yn8pOVRv84K4fprjScbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf431fe305dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/814034752/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814034752/?random=1625490375838&cv=9&fst=1625490000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&ref=https%3A%2F%2Ft.co%2F&tiba=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&async=1&fmt=3&is_vtc=1&random=4266788462&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
434 B 443ms
143ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3VI1P5i1Ij66k7srdkHpmlABPxfZBvC3gVqePY8eGGwJf0zUBQNFYd80nbVXvsZ2wJMvFxnXFTisX0KxK6XX1RH1U41FSkqWgQHhIbVwk3LNJLKL5fO13tls9UosFsiwO3RufVGrXG4TCVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf431fe405dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 modules.6707e94afd136d068134.js Show response
script.hotjar.com/ 219 KB
58 KB 106ms
39ms Script
application/javascript 13.224.193.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6707e94afd136d068134.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-121.fra2.r.cloudfront.net

Software

Resource Hash

147bbc69ada02cdca64ad72a0159564a5a2643efa09602f7f014459175d6823e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 12:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2410
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59137
access-control-allow-origin: *
last-modified: Mon, 05 Jul 2021 12:25:45 GMT
etag: "bbcd672a21d2eac288769d4e100c556a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dRgvhG5cqRi8PDu7pREXoIgXu8Dk52TR_TgpW93rUO6H-LJIoA9lig==

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame EB82 2 KB
1 KB 104ms
33ms Document
text/html 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-12.fra2.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guardicore.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guardicore.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5ssPRy7oZhJuGbti4GmSq9RqHNzf7KI5t1dDUR2mx_OSwoKe0alsew==
age: 61353

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 806ms
506ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QSgExRt6ecOOj8SSwesx1qGx72g3KF%2BXNBwkDl9ts3Sg270PC2AwZM04nk17Mx0wAJAUCuHW7v2F6leure2eCEBJ82ZO7H7HxsvwPRqP%2FsHNvEHk0TieSHttQ1dYh1it%2F4tOCK%2B3e4Cn%2BEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf4378ca05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 fonts_42240151fc53b9614c20ac9df402a866.css
whimsical.com/s/css/ Frame DF40 2 KB
1 KB 30ms
29ms Stylesheet
text/css 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 916ab7aaacbc74895f204db9d9566e94a3cae718e01df6c3d8cc1e4c7e41426d

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 21:32:50 GMT
content-encoding: gzip
age: 56006
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 604800
access-control-allow-origin: *
last-modified: Fri, 02 Jul 2021 06:49:48 GMT
server: AmazonS3
etag: W/"42240151fc53b9614c20ac9df402a866"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: vrJDwL8Xy6psHpLPMEsgyG0SFoDsGNlw
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
content-type: text/css
x-amz-cf-id: rqktOULtC5wehw2LN1KpfrLGTjw5UVXigEKivasqWFhwHTwu0kn-AA==

GET
H2 200 app_04d6ee80ec7ebdc8f7e2a0f54f22db71.css
whimsical.com/s/css/ Frame DF40 11 KB
3 KB 30ms
29ms Stylesheet
text/css 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/s/css/app_04d6ee80ec7ebdc8f7e2a0f54f22db71.css
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdab6db4a2db88cc9799961049391621ff500a38e34763b8f7369062b5e48cbf

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YZg2RLbGWOAHvYBUKYRFPD08rYcSnYga
content-encoding: gzip
etag: W/"04d6ee80ec7ebdc8f7e2a0f54f22db71"
age: 65305
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 02 Jul 2021 06:49:48 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 18:57:51 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/css
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: WfglmEU9O9wNdAFDbNOfnS6l94obmgrpnIoFTEPUvPJnLZma9ip3Hg==

GET
H2 200 shared_e3b634035309281f753f699e0720c655.js Show response
whimsical.com/s/app/ Frame DF40 239 KB
46 KB 30ms
29ms Script
application/javascript 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/s/app/shared_e3b634035309281f753f699e0720c655.js
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab93e62292fdfe62091f56da4dc29d0be525f23d098219d92d164bcd41b426ac

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 05:03:16 GMT
content-encoding: gzip
age: 28980
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 604800
access-control-allow-origin: *
last-modified: Mon, 05 Jul 2021 04:36:33 GMT
server: AmazonS3
etag: W/"e3b634035309281f753f699e0720c655"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: v6W5x7ztrSkcjL5kjvdoAZADdFsS4IgE
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
content-type: application/javascript
x-amz-cf-id: TJqnRLIYdIL9PisK8NfUUZN8zi6Iz9wn_p4d830qccxsBe3TLSVd9g==

GET
H2 200 main_cb23d744d201f95cb03966eac47f4bdb.js Show response
whimsical.com/s/app/ Frame DF40 6 MB
2 MB 30ms
30ms Script
application/javascript 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/s/app/main_cb23d744d201f95cb03966eac47f4bdb.js
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb2f94d7ac787b539fe4f82203f813ff614d7434cca5c2ccb5fa12ae01aa1174

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 05:03:16 GMT
content-encoding: gzip
age: 28980
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 604800
access-control-allow-origin: *
last-modified: Mon, 05 Jul 2021 04:36:31 GMT
server: AmazonS3
etag: W/"cb23d744d201f95cb03966eac47f4bdb"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 9jTfsJWcC_nwIMWCc.6L2nZU_8Motrs9
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
content-type: application/javascript
x-amz-cf-id: S-eeRv0PBBv2tdcP-1PeE7Mxpkypcog4kLi0zs4y1Zq7EoQHHCJ7YQ==

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ Frame DF40 69 KB
19 KB 28ms
28ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1524658
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18862
cf-request-id: 0abd7f6d4d0000c2c719908000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bpZx5hnX8cWGYFN91WoPeywvzdfnTi%2BP0dyIWBt56OhkIgmRhI8RGhZourbTClMQpn2UnoNE5bz7dNWY9v0argJfUTQ7WvPMMgQ1xh8qWlPxAyRdQNZGJ8WgXQHq0h6rgnmh7VPDqcovOLNTvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66a0cf420ae34aaf-FRA
expires: Sat, 25 Jun 2022 13:06:16 GMT

GET
H2 200 mtiFontTrackingCode.js Show response
whimsical.com/fonts/ Frame DF40 650 B
1 KB 98ms
98ms Script
application/javascript 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/mtiFontTrackingCode.js
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 21:06:22 GMT
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
age: 57595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 650
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
etag: "32dd789522cc6923c80141fcf5d3a614"
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: XQUQKFTtWWII7qHAS9rDijPfk2Juq6Vx
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 1AylupLaARY05UM70fPtxx_PkQvgO4ucAyepI15jwtiIwJrIOpyTmg==

GET
H2 200 1.css
fast.fonts.net/t/ Frame DF40 0
408 B 119ms
100ms Stylesheet
text/css 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=7723b9c5-0291-47fe-9ba4-95bad24e01b3
Requested by: Host: t.co
URL: https://t.co/oHdkaebuMi
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
cf-cache-status: HIT
age: 169353
cf-ray: 66a0cf42c8174e1f-FRA
content-length: 0
x-amz-id-2: IP15hFP3nTtX0y23aXg6uIKxMvIWP1YCNo5oKk3WvRAGgAvkZKibDBsM2c+WJk2LX6KfO1fu2ZU=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 8YX3PTQ1ZEANNXM1
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1519217722

GET
H/1.1 200
OK form.css
go.guardicore.com/css/ Frame B745 31 KB
8 KB 112ms
111ms Stylesheet
text/css 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.guardicore.com/css/form.css?ver=2020-10-19
Requested by: Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 338de273f529e717971d06587c95a880c0c4240b0cd24e79e14ac07a9522cd1d

Request headers

Referer: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:16 GMT
Content-Encoding: gzip
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
Last-Modified: Thu, 01 Jul 2021 05:18:57 GMT
Server: PardotServer
ETag: "7bd2-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 7657
Expires: Wed, 05 Jul 2023 13:06:16 GMT

GET
H/1.1 200
OK piUtils.js Show response
go.guardicore.com/js/ Frame B745 341 KB
99 KB 232ms
118ms Script
application/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.guardicore.com/js/piUtils.js?ver=2020-10-19
Requested by: Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 744d368a676dabf6be331840fdf74176a9ad7a784bf3920e3f640c9ed89fc43c

Request headers

Referer: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:16 GMT
Content-Encoding: gzip
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
Last-Modified: Thu, 01 Jul 2021 05:18:57 GMT
Server: PardotServer
ETag: "55586-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2023 13:06:16 GMT

GET
H2 200 gaconnector.js Show response
track.gaconnector.com/ Frame B745 8 KB
3 KB 362ms
106ms Script
text/plain 34.197.34.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/gaconnector.js
Requested by: Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.34.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-34-29.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
access-control-request-method: *
server: nginx/1.18.0
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
access-control-allow-headers: *
content-length: 3080
expires: Mon, 05 Jul 2021 14:06:16 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ Frame B745 219 KB
61 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Requested by

Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c65e5cf46cb54933645c9e74c2b8cddc5591cafa0174a6903d15df2f3d1bd1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61972
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jul 2021 13:06:16 GMT

GET
H2 200 / Show response
beacon-v2.helpscout.net/ Frame DF40 293 B
621 B 97ms
36ms Script
application/javascript 143.204.98.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-74.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a69c0037019e6c8cec8652c2988389ce96a23dc737425822309d7e8eb9a17341

Request headers

Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:05:39 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 20:26:10 GMT
server: AmazonS3
age: 74
etag: "359d6434e62dc2be7a0d71d24c145b14"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
cache-control: max-age=120, s-maxage=120, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 244
x-amz-cf-id: mQBRd-QKEFv_v0Nl_FEBQCuqV9OcsrcqFBJTaUTJJ0n4xvwlEM54Ag==

GET
H2 200 094b15e3-94bd-435b-a595-d40edfde661a.woff2
whimsical.com/fonts/ Frame DF40 69 KB
69 KB 35ms
34ms Font
font/woff2 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/094b15e3-94bd-435b-a595-d40edfde661a.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f497512d1947b96e7f727d8bc1f357add3d996085532b6b809fd1f46a5926fb

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4a1YTXik4knC2kaJQiZ.o5c6N4V79jqC
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "94db95e9999925ba9473c77342875ced"
age: 62269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70444
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 19:48:28 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: a4lmWtsLkfLxHx_3kvKWGl9dfYfCdAAmMad9xrawTnSIudvRwbwApA==

GET
H2 200 46251881-ffe9-4bfb-99c7-d6ce3bebaf3e.woff2
whimsical.com/fonts/ Frame DF40 58 KB
59 KB 35ms
34ms Font
font/woff2 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/46251881-ffe9-4bfb-99c7-d6ce3bebaf3e.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb141079dc8a7d193c67b7cbc71e283ecded63f65db850b61f8652341a92c77e

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rWCD9TzxTKPRuyuZMn85NMdoH.lM3_AR
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "78c41677940560c5b54869ecfe829ad7"
age: 80886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59612
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 14:38:11 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: b3V0DoXi9czn5HsOaxAqpI60iPw5rpS5CSV--DlqQVqCctIRztCzPg==

GET
H2 200 7b29ae40-30ff-4f99-a2b9-cde88669fa2f.woff2
whimsical.com/fonts/ Frame DF40 68 KB
69 KB 35ms
34ms Font
font/woff2 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/7b29ae40-30ff-4f99-a2b9-cde88669fa2f.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37533822750ebd172bd73e5d8df4e9bd685d75b770d0af06f03e1bbbe9b3ae5c

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FmZiBTVxB5mtRJM6CeuQt4cdLUWpCyGY
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "b4065770cb88ed7159c8192fb1efdc94"
age: 67346
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70064
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 18:23:51 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: 7oMplvV7xjXVenhz72qN0RbuTVspUZba5IFTB250l-cZcjxBXNte8Q==

GET
H2 200 c7717981-647d-4b76-8817-33062e42d11f.woff2
whimsical.com/fonts/ Frame DF40 31 KB
31 KB 37ms
36ms Font
font/woff2 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/c7717981-647d-4b76-8817-33062e42d11f.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5c3c62c85d8821b972073ed49d7ede0cfac1a7d45d10781c23dae935ae69f49

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8X9SpkIHUjgl7DDNq6d8G9T33zv9MZdH
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "016291d031ed34462ba50ac8e19fd759"
age: 65294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31652
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 18:58:03 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: mC9tzA8M31DTxrXrQqdZZFsG3oP0Vr2MoZqvS9ZIZcMCCPcOSjo-9w==

GET
H2 200 31704504-4671-47a6-a61e-397f07410d91.woff2
whimsical.com/fonts/ Frame DF40 58 KB
59 KB 35ms
34ms Font
font/woff2 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/31704504-4671-47a6-a61e-397f07410d91.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee63601efc0a127a6eadcd9062a0e1622fcb1c705ab8b6499519148f8474fc39

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _SosG3PFakplxA5OshBqLm.0HCNIGuaz
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "71d1cd74ac15e3df21589055cfb04989"
age: 80886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59636
last-modified: Fri, 02 Jul 2021 06:49:43 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 14:38:11 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: wt3x4yW1yGGITagbhvp2BBsN4ZBpb1YPNS_hzY1Cyf7wuNUM7yenPQ==

GET
H2 200 4132c4c8-680c-4d6d-9251-a2da38503bbd.woff2
whimsical.com/fonts/ Frame DF40 59 KB
60 KB 35ms
34ms Font
font/woff2 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/4132c4c8-680c-4d6d-9251-a2da38503bbd.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0be0dff23b790d714b6b7cc266fb5130a6260930ce52cfbc3e5b8f1c6cb45a5a

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4LJO0vB1v4x50wQ77rRydRgAdEdR8qRH
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "60ea8a138399e0f18bf9833c8ec5daaa"
age: 65294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 60716
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 18:58:03 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: rgELudMsjDsjuyHjD-YxFC71KE7sX2l1vkWtAdO89M2oGNxiRMfXWQ==

GET
H2 200 PFDINMonoPro-Regular.woff
whimsical.com/fonts/ Frame DF40 48 KB
49 KB 36ms
35ms Font
font/woff 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/PFDINMonoPro-Regular.woff
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4309fe7b036687b04b69f76218298f708159f674dad07c0581099035f5ca8050

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: XuBFzYvPlykGzHR3ArK6Mvm_ZRLtrjlm
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "0cbfde128d47301077b804f8dece57fc"
age: 65294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 49212
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 18:58:03 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: DfhtB4BpoAhTIZJZydto758b2OSmJHZpGTsLlQQQxZuwdpJ1zZzrJw==

GET
H2 200 PFDINMonoPro-Italic.woff
whimsical.com/fonts/ Frame DF40 54 KB
54 KB 35ms
34ms Font
font/woff 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/PFDINMonoPro-Italic.woff
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc0b32d7b2d078ebd0390050a25e4a9bcf32f1af1f2f6fa1555170c28d07fb84

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z2HIH6NY8Kkfun_FojqgiEJqldehpf3d
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "5f7c1c4b1d13ddafbaaf93b62fce6a50"
age: 65294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 54868
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 18:58:03 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: _f6CpeyiPDtAOESBOgGdAkvSZnJ4RCJfvTjL_qUZ5dhq4CB95y-vqQ==

GET
H2 200 PFDINMonoPro-Bold.woff
whimsical.com/fonts/ Frame DF40 48 KB
49 KB 36ms
36ms Font
font/woff 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/PFDINMonoPro-Bold.woff
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9583ce91f61e5d79c64e30b548bf546eb76a2b9f04a4f21831d8033dc275acc

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hAa0oQfwJnT5N6PTtLq3HdOVkb_jZgvm
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "9674197973ef6c189b598eaa9b47a407"
age: 65294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 49316
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 18:58:03 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: eNou1_IWwBjU_5PDlfQnerRJOLVC7yfaozlZXq3GAUlNQeAQOg1QRg==

GET
H2 200 PFDINMonoPro-BoldItalic.woff
whimsical.com/fonts/ Frame DF40 54 KB
54 KB 37ms
36ms Font
font/woff 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/PFDINMonoPro-BoldItalic.woff
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: baa8cb02e0fce843c48ebfb75a646e4f84364e54a62fc308f1d112d98896e32b

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1p.GveDUs2O_eKXeNK8icYD6Puo_5KId
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
etag: "0e8dd5af3698c424e6cb9eb34ea7c091"
age: 80886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 55264
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 14:38:11 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
x-amz-cf-id: yhLIIZXl2e6cX6_MV3Jq8O1L9tcTPHxby4eURWA-gYoGLpFKXucnCg==

GET
H2 200 open-in-whimsical@2x_688af10572d02d60782fc501718f1d22.png
whimsical.com/s/images/ Frame DF40 6 KB
6 KB 26ms
25ms Image
image/png 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whimsical.com/s/images/open-in-whimsical@2x_688af10572d02d60782fc501718f1d22.png
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92c8a3c1c84ff1c97503a7a63b3ff3a6d44af33b9d55f8cd278ee3dfe40e0565

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 19:14:07 GMT
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
age: 64330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5728
last-modified: Fri, 02 Jul 2021 06:49:54 GMT
server: AmazonS3
etag: "688af10572d02d60782fc501718f1d22"
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: 5t_k6k5lQpsgE_IOcXMC3ythPU.I.T2B
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: -5KnobCOSvD-yV7ouoZwdFyNQ9SO0B7li3Jlr-ChR2AN5aCcyp7SoA==

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
464 B 412ms
112ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hGtUXpOMDflvRG%2BVdE51IazonYsXm3h3rugoBhFwOO%2BR%2FsdQt5DYToJ43ewZC6x6RUTN7lUsj6iM%2BQRR%2Fh6l4KIrhFnBJIz33l7VxV6Pi%2BCERmskMmZe8uXBYQmvUVatokVNrcorP89pAZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf47cd5605dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 12ms
7ms Ping
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFahmYjfAPdgNbg5p

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 05 Jul 2021 13:06:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.guardicore.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H2 200 account.get-visitor-token Show response
whimsical.com/api/ Frame DF40 109 B
724 B 123ms
123ms XHR
application/edn 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/api/account.get-visitor-token
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: /
Resource Hash: 8c68252e210addba0a4fef3c9f80d6ea940d255d57e519a0c6796051d4753903

Request headers

Accept: application/edn
Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
X: -147885824
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/edn

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:16 GMT
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-cache: Miss from cloudfront
content-type: application/edn
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 109
x-amz-cf-id: FlZRh-SbK2wDCvJ5QU36dkGPkdPDXaIHp2kgU5EnC7rwKn2iL5ocog==
expires: 0

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ Frame B745 5 KB
2 KB 423ms
107ms Script
application/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:17 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
Last-Modified: Thu, 01 Jul 2021 05:18:58 GMT
Server: PardotServer
ETag: "14be-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1923
Expires: Wed, 05 Jul 2023 13:06:17 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame B745 5 KB
2 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=34923
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame B745 36 KB
14 KB 75ms
39ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 1690124483490796579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 13:06:16 GMT

GET
H2 200 hotjar-956284.js Show response
static.hotjar.com/c/ Frame B745 4 KB
2 KB 34ms
34ms Script
application/javascript 13.225.87.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-956284.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-76.fra2.r.cloudfront.net

Software

Resource Hash

08314d800c2117a8da2191541640b44c310ad2e80c6c0c909952507e57d35058

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:15 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 1
etag: W/62942a71ca62539e640dd10e59c2f781
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
content-length: 1879
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
x-amz-cf-id: W4v1nO5leILHJzrNfi51IhZUDsRS9wABNw2x7Fkg-1LdsiUCWLVYgQ==

GET
H2 200 bat.js Show response
bat.bing.com/ Frame B745 30 KB
9 KB 29ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: 79972F62CF3D4C118DB361608E7A3890 Ref B: FRAEDGE1310 Ref C: 2021-07-05T13:06:16Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame B745 5 KB
2 KB 26ms
26ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
via: 1.1 varnish
last-modified: Fri, 02 Jul 2021 22:49:15 GMT
age: 47190
etag: "cf581d46c3059bf617cb7f732c21a59e+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1625490377.718907,VS0,VE0
x-served-by: cache-fra19176-FRA

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame B745 95 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/oHdkaebuMi

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: PblFIwBXpwEeiu832hI3tvGYhYCBsa5Ix52ym2Mh6MBO1lnkaybn7Ju9WKXprHhJAt9nKxXtiKHLmwRbjyI7GQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 05 Jul 2021 13:06:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 vendor.899a59ba.js Show response
beacon-v2.helpscout.net/static/js/ Frame DF40 814 KB
199 KB 32ms
32ms Script
application/javascript 143.204.98.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/vendor.899a59ba.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-74.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba4dd4b5f97a58ad068d743dfdf7865ba3d7e4bff24379ca93ca634008c90a3e

Request headers

Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 12:03:52 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 20:26:10 GMT
server: AmazonS3
age: 3745
etag: "2222e44c8134901ae72782e44a0b603e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 203388
x-amz-cf-id: N6amId8D6AomSl65Kx5VEXGbQz52nX5VAO6J5ymlLF1OKxhgwr722Q==

GET
H2 200 main.b314c378.js Show response
beacon-v2.helpscout.net/static/js/ Frame DF40 254 KB
64 KB 32ms
32ms Script
application/javascript 143.204.98.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/main.b314c378.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-74.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0621ccf15f4c0c81dfc958917e75a6ab9a6fbcdeef4d4cf2b034c4132d1ac929

Request headers

Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 11:07:55 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 20:26:10 GMT
server: AmazonS3
age: 7101
etag: "7d2f1fc4ea6e714e76ff2ad57e4e302f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 64821
x-amz-cf-id: 4qUdmkmwDuHCzbiGEOFOwyRIqAK_tsWl01MOzdCJ9G8w0CU9Bn_FnQ==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame B745
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490376718&url=https%3A%2F%2Fwww.guardicore.com%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490376718&url=https%3A%2F%2Fwww.guardicore.com%2F&e_ipv6=AQLVqDF-UxcsGQAAAXp2xshh-XrKvGHzYqaZmpwDj37OZzF2oxtHtmz1jJJgaBdCFed53flA

0
39 B

226ms
147ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490376718&url=https%3A%2F%2Fwww.guardicore.com%2F&e_ipv6=AQLVqDF-UxcsGQAAAXp2xshh-XrKvGHzYqaZmpwDj37OZzF2oxtHtmz1jJJgaBdCFed53flA
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:17 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: m1TFuuLmjhagUy/3OSsAAA==

Redirect headers

date: Mon, 05 Jul 2021 13:06:16 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625490376718&url=https%3A%2F%2Fwww.guardicore.com%2F&e_ipv6=AQLVqDF-UxcsGQAAAXp2xshh-XrKvGHzYqaZmpwDj37OZzF2oxtHtmz1jJJgaBdCFed53flA
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: xf1CruLmjhZQ45GpxCoAAA==

GET
H3-29 200 260002655494040 Show response
connect.facebook.net/signals/config/ Frame B745 260 KB
74 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/260002655494040?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c87e155f6dd4a48a9c96082e28afe41af493426dcfa72f2bb64a9d48d750e5e5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75545
x-xss-protection: 0
pragma: public
x-fb-debug: dIc3dmqUW4QHjCm9rgJS/2oLyIbD8HkWAptZ9emQ83Tw2ykk4uQzZy0dh3fhJI2I2XSXE+Hb1UXqWR9q4tO8fA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 05 Jul 2021 13:06:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame B745 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260002655494040&ev=PageView&dl=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&rl=https%3A%2F%2Fwww.guardicore.com%2F&if=true&ts=1625490376742&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625490375867.916258105&it=1625490376722&coo=false&rqm=GET

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 05 Jul 2021 13:06:16 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame B745 31 B
658 B 189ms
134ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o0jty&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.guardicore.com%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 05 Jul 2021 13:06:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 253dcc7d1a9982a54b66cc934885e196dd9e1b2cffd9709c2b3ef670a5f5d788
x-transaction: 444a0517798ae0aa
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame B745 43 B
165 B 134ms
133ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o0jty&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.guardicore.com%2F&tw_document_href=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 05 Jul 2021 13:06:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 31232488651f987e6f886d8737f45fb1f9adf0cd81e81982cfd3d6bdc3587bc8
x-transaction: 7c49c5f338139033
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 204 25022092.js Show response
bat.bing.com/p/action/ Frame B745 0
93 B 197ms
197ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25022092.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Jul 2021 13:06:16 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 57D523C9450A4AADBC92D75B76085BD6 Ref B: FRAEDGE1310 Ref C: 2021-07-05T13:06:16Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame B745 0
94 B 33ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25022092&tm=gtm001&Ver=2&mid=8a9d69e5-7d7b-487f-aeaf-bdefb0daf1d3&sid=c7dc8cc0dd9111ebb34bcbabd20718c4&vid=c7dca5e0dd9111ebb1ff2bb196d5ab24&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.guardicore.com%2F&r=&lt=1247&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=971512
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 05 Jul 2021 13:06:16 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2D38CEF8BF474957B9D988208D17546C Ref B: FRAEDGE1310 Ref C: 2021-07-05T13:06:16Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.6707e94afd136d068134.js Show response
script.hotjar.com/ Frame B745 219 KB
58 KB 35ms
34ms Script
application/javascript 13.224.193.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6707e94afd136d068134.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-121.fra2.r.cloudfront.net

Software

Resource Hash

147bbc69ada02cdca64ad72a0159564a5a2643efa09602f7f014459175d6823e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 12:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59137
access-control-allow-origin: *
last-modified: Mon, 05 Jul 2021 12:25:45 GMT
etag: "bbcd672a21d2eac288769d4e100c556a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: JOBShjGzRRvO2fvYG5SsNg3DoDoCqb0KKb_cJq8dF5YYqdrpKif1LA==

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/ Frame B745 2 KB
1 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/?random=1625490376788&cv=9&fst=1625490376788&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&ref=https%3A%2F%2Fwww.guardicore.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

384caefe9de16041d4044e515475f99c8b233e9d5fffdc68975e45c9d420691a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame AE7F 2 KB
1 KB 34ms
33ms Document
text/html 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-12.fra2.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.guardicore.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.guardicore.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kz7rE5D6ZkZ9Oy9oAv6O2tSQVDn0nfeoh-oKiissxqSpq6VpZgxqlA==
age: 61353

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/814034752/ Frame B745 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814034752/?random=1625490376788&cv=9&fst=1625490000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=2&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&ref=https%3A%2F%2Fwww.guardicore.com%2F&async=1&fmt=3&is_vtc=1&random=1013012463&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/814034752/ Frame B745 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814034752/?random=1625490376788&cv=9&fst=1625490000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=2&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&ref=https%3A%2F%2Fwww.guardicore.com%2F&async=1&fmt=3&is_vtc=1&random=1013012463&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 items.get Show response
whimsical.com/api/ Frame DF40 906 B
1 KB 356ms
355ms XHR
application/transit+json 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/api/items.get
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: /
Resource Hash: 4b44d35a36bd7d65aa676b68fd395ac3270f29037418c6c818ce2eb5dd0ea78d

Request headers

Authorization: Bearer 9FumGVaPQJMfI5csFRiCcfhFpQRzWzSq
Content-Type: application/transit+json
Accept: application/transit+json
Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
W-Version: 20
W-App-Version: 9f3de62bfc5381cb74877d47223dce3c60c23455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
W-Session-Id: 06bf569e-8ee1-4642-8b8d-7e52320c6d2a

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:17 GMT
content-encoding: gzip
x-amz-cf-pop: LHR61-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/transit+json
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-amz-cf-id: IaK3Kj1FYgA_NxWmTcUUWZneVDAT-M2_ISKbICYhCR1rgQr5J11AhA==
expires: 0

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
443 B 432ms
131ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FLQ5XmT55bULI8ZcZ1jyDH62djNUGA0f1TnWgZt6fh56jQ9AdtN9NdSaPjVE5tkgKmjbejZxPuGD%2F%2FlyAeU%2BAU5B%2BJoT725Tl%2FF2lU2u0TPKNOSO5WeBbK29urRC%2BhcJEVi8fcZE3QTCnNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf4acca705dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
374 B 85ms
28ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a1ff827045c0b7de4a24dff0d36a0ca84024750ea0ae8e8dff84c4de3bc2010d

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:17 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.guardicore.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
437 B 414ms
113ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6GRQ8%2BTlacIIvLWfscXg4nijy6NR1mccJUqasZV8L8tkIGo6FGXEdJfFDjNRD5w3ctFKk6zQVekLq5mX02F4lovuvEnrZvVCp%2F0vsoXkzEmQkL2xope6kHirMsh%2FfUyrympXMe1yvv4jqoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf4accad05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 276ms
219ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=cedfd648-eecf-44ed-83ec-cf37765c46ae&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A15%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:17 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
441 B 409ms
108ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X1w7hro2wmLcFaThfSYtW%2B9CyNmRSpdhXJ%2BKA8xl5mBfUPfHzINNrX%2FsiQnn33zKjfU%2FEFuYGCiRT%2FQ2CycbFQMeQpNl1Y6LII7YAthXGo4KrYft1qNcQYMWORbkp69WVzr1SFDIzkBCMUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf4accb305dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
158 B 134ms
133ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o0jty&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 05 Jul 2021 13:06:17 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 253dcc7d1a9982a54b66cc934885e196dd9e1b2cffd9709c2b3ef670a5f5d788
x-transaction: eaf988e3923d641b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ Frame B745 3 KB
3 KB 201ms
201ms Script
text/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=427868592&visitor_id_sign=3248c4e072e549efbf229f3d9e1f27f6f871780fa245afb0df3ba2bf08225d0d35f96035b9d5080fc6b336a1dd12155d586d4ea5&pi_opt_in=&campaign_id=48793&account_id=504441&title=&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&referrer=https%3A%2F%2Fwww.guardicore.com%2F

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-5-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

0437b2c1593ef4b6e97784145e936ddfffeb1a7f0574b5f78e4444d049475620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jul 2021 13:06:17 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp: 16/60/116
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 1449
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 items.scroll Show response
whimsical.com/api/ Frame DF40 163 KB
23 KB 424ms
424ms XHR
application/transit+json 13.224.221.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/api/items.scroll
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.221.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-221-128.lhr61.r.cloudfront.net
Software: /
Resource Hash: 2789f68163f600c0f7e91f859ca0ef98100786ae15e98839448713e3941d0bca

Request headers

Authorization: Bearer 9FumGVaPQJMfI5csFRiCcfhFpQRzWzSq
Content-Type: application/transit+json
Accept: application/transit+json
Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
W-Version: 20
W-App-Version: 9f3de62bfc5381cb74877d47223dce3c60c23455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
W-Session-Id: 06bf569e-8ee1-4642-8b8d-7e52320c6d2a

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:06:17 GMT
content-encoding: gzip
x-amz-cf-pop: LHR61-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/transit+json
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-amz-cf-id: r8KqHUJt_c3yzPKBTYLuz6Wt_jqemJ4NaUKSF3oT25vLN5HB5ubNhA==
expires: 0

GET
H/1.0 200
OK analytics Show response
go.guardicore.com/ Frame B745 50 B
1 KB 189ms
188ms Script
text/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.guardicore.com/analytics?conly=true&pi_form=true&visitor_id=427868592&visitor_id_sign=3248c4e072e549efbf229f3d9e1f27f6f871780fa245afb0df3ba2bf08225d0d35f96035b9d5080fc6b336a1dd12155d586d4ea5&pi_opt_in=&campaign_id=48793&account_id=504441&title=&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&referrer=https%3A%2F%2Fwww.guardicore.com%2F
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=427868592&visitor_id_sign=3248c4e072e549efbf229f3d9e1f27f6f871780fa245afb0df3ba2bf08225d0d35f96035b9d5080fc6b336a1dd12155d586d4ea5&pi_opt_in=&campaign_id=48793&account_id=504441&title=&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&referrer=https%3A%2F%2Fwww.guardicore.com%2F
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Referer: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jul 2021 13:06:17 GMT
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp: 16/109/110
Vary: User-Agent
P3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 embed_shepherd-v1.js Show response
fast.wistia.com/static/ Frame B745 571 KB
104 KB 27ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/static/embed_shepherd-v1.js

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=427868592&visitor_id_sign=3248c4e072e549efbf229f3d9e1f27f6f871780fa245afb0df3ba2bf08225d0d35f96035b9d5080fc6b336a1dd12155d586d4ea5&pi_opt_in=&campaign_id=48793&account_id=504441&title=&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&referrer=https%3A%2F%2Fwww.guardicore.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a3f2c1ed3b6c5c8668af3066dc10e5aca023ab0b63c05be2cd42241f18dd9572

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 112
x-cache: HIT, HIT
content-length: 106109
x-served-by: cache-dca17730-DCA, cache-fra19120-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Thu, 01 Jul 2021 15:01:32 GMT
x-timer: S1625490377.354163,VS0,VE0
etag: "60ddd8cc-19e7d"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 3

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
436 B 1453ms
1152ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:19 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6tMdCYn8scPtjSGbnm5mG%2FGlfKDl6Tu6s0M%2Fi6hZfVF6gGK95pok6tfflbgv1k2kCBMTjpACKIZ7vbtFui7i5JeIsvOQdK6iNOlhgZK%2BR192c0X3Esv5C7Bal6L5tKrLMLB3fhzeoPV0h%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf510ddd05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 222ms
222ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=36bb100212570000c703e3600d0200002d8a0200&session=cedfd648-eecf-44ed-83ec-cf37765c46ae&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A15%20GMT%22%2C%22timeSpent%22%3A%222428%22%2C%22totalTimeSpent%22%3A%222428%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:18 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame B745 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260002655494040&ev=Microdata&dl=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&rl=https%3A%2F%2Fwww.guardicore.com%2F&if=true&ts=1625490378248&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1625490375867.916258105&it=1625490376722&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:06:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 05 Jul 2021 13:06:18 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
458 B 424ms
123ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:19 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ihM2sRQ118ICeyf%2FwNiTu9uytXtGetXPoouidn5Ge9tN00f6OrNHM0VtZslOR8dmmxC6A9SvdGB97DZSUrsxA0wCbRSjtWUsrI%2BMt6v9cJj4pgw%2FLzOKmFLV0MtraUyKG7BTiKRV4UUFtMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf574e5905dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 209ms
208ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=36bb100212570000c703e3600d0200002d8a0200&session=cedfd648-eecf-44ed-83ec-cf37765c46ae&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A18%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223429%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:19 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
810 B 110ms
110ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HGFnSW0DDuY1M367z3QEsqzQ4W%2BJbxy9o4KKYoiwb4Mla5qcDUbZR0E2MJRa2E1VBIabOQjYbe7Ga9SzQconBJddin1NS4Hv8zYynKKFF30wSlHp0RFBbm%2B2oWY5b1TOUYCHmi4POCh2514%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf5ba8f805dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 204ms
204ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=36bb100212570000c703e3600d0200002d8a0200&session=cedfd648-eecf-44ed-83ec-cf37765c46ae&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224430%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:20 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
468 B 112ms
112ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AkZYpFGc3GLBffyCQEue%2BHvm%2BK%2B1y%2BKUE65KDa7YlPfrnASxxbSixZMNS8pIWq4VgpHiJDSfqhmKkzmIELEoS%2FLjykRSIdlwmTvuxFgJokRk97gqHGldt%2B2fChV5UpB%2FocNOXIzfWqXCtFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf61e97005dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 200ms
200ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=36bb100212570000c703e3600d0200002d8a0200&session=cedfd648-eecf-44ed-83ec-cf37765c46ae&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A20%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225431%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:21 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
466 B 116ms
115ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:22 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UB06I%2FdvRhzcFFZI6OnD96%2BkbgYiqRNXSjJwPVInNUwlHmjxeaADXtL6d6Z88rQP2zW6uJv2V9bp4kWpU8EwNsFhZGXVnOq1aLxxJbA6Th3qefp3eWHfdyv%2Fl1JqELVC6YrltdW%2B6wh%2Bk%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf682acb05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 201ms
200ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=d0ebc837-71c1-48a8-8828-140358d9a79b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A21%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226432%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:22 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
468 B 409ms
108ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:23 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xasKyTfgzgvv7Z%2BR%2BjGAXw%2BVYhXsRYAoJIBohYtJgpUbeQMn59NHYA1wQF%2FYhopVTlVO%2FAPpY6%2FbxbZDAMxj2VfL8G4dL70C%2FFihnsJlK8OJaHbJHZzWZLOaNigG6oQgJIP%2FJw8AEuaVfso%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf704a6705dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 199ms
199ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=d0ebc837-71c1-48a8-8828-140358d9a79b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227433%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:23 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
465 B 411ms
110ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:24 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7wn2fu7jHb4C4WUV6HpcpiFaZMUEU2RdNZJpL5SeCvrMQ1zJOONT%2BuVL%2BcOkGpv4M0hLyAE%2F%2F1e22vz%2BnTF6jVH4uQZIUhRauhyepdScmNJPgnX5P0SFwp2luc8XeuI0CnVCyyCb5OFw3%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf769ac105dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 210ms
210ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=d0ebc837-71c1-48a8-8828-140358d9a79b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A23%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%228434%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
459 B 415ms
114ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NJmQBb96Rj8wtX06ax6j1otBoid6lWd42rmHl1D1YqD6RRfi%2FHdA2W5ixRovUDXHuRbwdufn5N%2Fm9Y%2BrdFotsWr0NoBu8KiLkoyf3Lw5y5w09zWtijwLgTpxhjZEvFbfA7wVf8nP%2BQlRhCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf7cdb0205dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 223ms
222ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=d0ebc837-71c1-48a8-8828-140358d9a79b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%229435%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:25 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
469 B 106ms
106ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:26 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6MWmaH4EPL4NLcPaPLy%2BdKIGjgjWpwNgcu3B%2F%2BIQwxz%2F5%2Bcl4YeaDhd5P%2FJ%2FJxvuFxBEVAs2ol5SZcVRQtNEyGVyfXBw36wrJbxUPo0wzuCCDBHNycd%2B0dT%2BrhxU28ZbentcthaBJlypoq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf812d8005dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 206ms
206ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=62c29384-81a8-4566-8506-703b294b6585&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A25%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%2210435%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:26 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
462 B 138ms
137ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:06:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ImJ2XkjwqMfG2wnx8topIvrvBSGiUEMn63Lsixuu8p34TNC70R3dEhavEdbGvYEjOaDbGpxCWZroLD2ZRtv7khCqb504eRElbG%2BPABXMnC7Mjp%2F4wJEtPWkNnkBZiLb7r%2BM6b%2BtIvVE4cmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0cf878cea05dc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 203ms
203ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=62c29384-81a8-4566-8506-703b294b6585&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A06%3A26%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%2211437%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=3428e4e0-05c5-4016-8218-f217227e0889

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:06:27 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.guardicore.com/	1970-01-20 05:29:06	Name: visitor_id503441-hash Value: 3248c4e072e549efbf229f3d9e1f27f6f871780fa245afb0df3ba2bf08225d0d35f96035b9d5080fc6b336a1dd12155d586d4ea5
go.guardicore.com/	1970-01-20 05:29:06	Name: visitor_id503441 Value: 427868592
www.guardicore.com/	1970-01-20 13:02:42	Name: _gd_svisitor Value: 36bb100212570000c703e3600d0200002d8a0200
www.guardicore.com/	1970-01-20 13:02:42	Name: _gd_visitor Value: d2196e74-4787-4b39-83a5-5d9a45008d0f
.guardicore.com/	1970-01-20 04:53:06	Name: _uetvid Value: c7dca5e0dd9111ebb1ff2bb196d5ab24
.guardicore.com/	1970-01-19 19:31:30	Name: _dc_gtm_UA-53878132-1 Value: 1
.guardicore.com/	1970-01-19 19:31:32	Name: _hjFirstSeen Value: 1
.guardicore.com/	1970-01-19 19:32:56	Name: _gid Value: GA1.2.1073481397.1625490376
.guardicore.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.guardicore.com/	1970-01-19 21:41:06	Name: _fbp Value: fb.1.1625490375867.916258105
www.guardicore.com/	1970-01-19 19:31:44	Name: _gd_session Value: cedfd648-eecf-44ed-83ec-cf37765c46ae
.guardicore.com/	1970-01-19 19:32:56	Name: _uetsid Value: c7dc8cc0dd9111ebb34bcbabd20718c4
.guardicore.com/	1970-01-20 04:17:06	Name: _hjid Value: 7b8e44a6-36cd-417b-b899-bf5bc96410d2
.guardicore.com/	1970-01-19 21:41:06	Name: _gcl_au Value: 1.1.302582926.1625490376
.guardicore.com/	1970-01-20 13:02:42	Name: _ga Value: GA1.2.1795484937.1625490376
.guardicore.com/	1970-01-19 19:31:30	Name: _gat_gtag_UA_53878132_1 Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.guardicore.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at _default.get (https://www.guardicore.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5:2:56236) at _default.setViewsAndSessions (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1:2:89347) at new _default (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1:2:89098) at Function.<anonymous> (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1:2:5491) at Function.each (https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:3026) at ElementorProFrontend.initModules (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1:2:5456) at ElementorProFrontend.onElementorFrontendInit (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1:2:5712) at dispatch (https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:43090) at v.handle (https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:41074) at Object.trigger (https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:71513) undefined
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error storing in localStorage: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error storing in localStorage: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error storing in localStorage: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error storing in localStorage: TypeError: Cannot read property 'setItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
b.6sc.co
bat.bing.com
beacon-v2.helpscout.net
buff.ly
c.6sc.co
cdnjs.cloudflare.com
connect.facebook.net
fast.fonts.net
fast.wistia.com
fonts.googleapis.com
gate.rapidsec.net
go.guardicore.com
googleads.g.doubleclick.net
j.6sc.co
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.w.org
script.hotjar.com
secure.gravatar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
track.gaconnector.com
vars.hotjar.com
whimsical.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.guardicore.com
www.linkedin.com
104.111.233.140
104.244.42.67
104.244.42.69
108.174.10.14
13.224.193.12
13.224.193.121
13.224.221.128
13.225.87.76
142.250.186.66
143.204.98.74
151.101.12.157
192.0.77.48
2606:4700::6810:135e
2606:4700::6811:e14e
2606:4700:e0::ac40:6527
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::2004
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c08::9b
2a00:1450:400c:c08::9d
2a02:26f0:6c00:28c::25ea
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:3::622
2a04:fa87:fffe::c000:4902
34.197.34.29
35.174.78.146
35.235.124.140
67.199.248.12
0018646720dd7fb919bd39bba73942b95a725590f3eca1dde849e088028b2b90
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0437b2c1593ef4b6e97784145e936ddfffeb1a7f0574b5f78e4444d049475620
056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99
0621ccf15f4c0c81dfc958917e75a6ab9a6fbcdeef4d4cf2b034c4132d1ac929
08314d800c2117a8da2191541640b44c310ad2e80c6c0c909952507e57d35058
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0be0dff23b790d714b6b7cc266fb5130a6260930ce52cfbc3e5b8f1c6cb45a5a
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0cdce53dc078014ad2af66256afb166fddb4db77945fa4113ad3007459e3aa06
0f5e95fc50f76666b87f3662e462236b80049d5e111bb083c409791e5d65101e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1396662705b0c8e4aece9ae751982e526b27e9e1271276d3bc02168d3491361e
13cbc75f4ec4fe7e354dff7e326e148da49f8a71b9bccd3f17605eba779a3f0d
147bbc69ada02cdca64ad72a0159564a5a2643efa09602f7f014459175d6823e
148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64
17f076500dca787c42b1dd6238ce50a0752771eafd040e8512c713a7ec947c65
19fb1c3c4a52d399f2b32a80c3fa35d97dde81f33e20bb7da6d95d4087c49ed6
1a74087f01c6bf2309a2f5d7ddb8c2309f5fac988dccd6a72e283ef5eb70a347
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd
1c8231e24838de4ad2d966d5cb48563a2a6e540a15848d337fa3c466d0730775
1e5aeaa58ab4c2345953f77e07fbc20578326076a259ed702eea64e077fde675
205e4853afd7ec80018e17064a0f71965ff0007e19babf0b88b0625843ea8e6b
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2253d28cf7e038400244b19b4fe87d90240a0388e16f0a145deeff4eaf47b14a
23711380d4aa9cb1d400ed80287482643d79b55ec2398da742d9804b8a12f216
238665a4e9c6f3e6fd4c936f560856580b5f30d2aaf8e508d07a2f56a0516fc1
23ad59d8614ad388eb5341dd0b4db738694d4eb9d18ddf4bd057e18f665c0f1a
2789f68163f600c0f7e91f859ca0ef98100786ae15e98839448713e3941d0bca
288960b7f569d9400fcee66853782b5c32613018935c0571e411237ba32b861f
28aa95a989d5e46ee060bb0d443fcd699d31db7320673379fad857f77fc776a8
29324a862ffba034fcc79da865e521ad3cb4bdfaf4acec27fd0c3d917fd960da
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
32724c08701fcb0bb65c489c06718dca25268bc15b53bf0df19f89fbf8dd2676
338de273f529e717971d06587c95a880c0c4240b0cd24e79e14ac07a9522cd1d
37533822750ebd172bd73e5d8df4e9bd685d75b770d0af06f03e1bbbe9b3ae5c
384caefe9de16041d4044e515475f99c8b233e9d5fffdc68975e45c9d420691a
3a911565c50d12c7eddff1a62d2a410dbf4199e642d74628966126a9d9faaaec
3b1ae6cec7f06d999f0695e08022868275f74821104092579bc1a848db0f34de
3bb51227d2ff534e4834ff3137f722a77dc2a8a9c6f1fda503116c0d7f9f7b47
3c905981a0c3eb45cb3aa610f847bc3fc70a126acff5fc79c9d4d78dea3ee7ce
3e10b7ee8ea3952cb3da15f41abe49fb69db8a01cc191179591c4c250d3d3391
3f9c38934fc41ee2a85f1a6e1ad59e96f7f1e73b9b4e653394708715d5ab32c5
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
4309fe7b036687b04b69f76218298f708159f674dad07c0581099035f5ca8050
4604fb3649c76594567706713285dd8be0c3538a2c3b0edfd49d74c9f5147972
47ae8f0c316caf1b0820b3fc47281e73ee11896b90cd172022965474bb5eaa21
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4aecb207b56cac3dfc7a264fdf05de9a1322885f1daa182167eab999570e384a
4b44d35a36bd7d65aa676b68fd395ac3270f29037418c6c818ce2eb5dd0ea78d
4b8b06e8edfab1dd4475c13ee021e4f582b075677a9018e2f0ba56cc3fc2f0b6
4b9a7bdede208dc634debc53edee3ab4c7412e97063bd350c4726fb7625b532f
52adbaf8b7004e3e0ef2b06be5492748eeef0bdfbc2d91b4aa3aa7ddd7028703
552816c0181f22f4dc11728b99d077587e09299d57ecc9539a95233ba59d2b51
55d372262d6c1aca75034d99cb49419689270ff74765adf77ed15ded9ece52fe
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960
5ddb2729aaae248b99bc553da916346ac6a8d144b7b1afde0ddcdf0eeda1589c
5e13437dee929c20638ff3b3be2c584b73ecdf3188cdaa5215a498b855240789
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d
641f4e0a0380efe7b30ff0cd45dc2d02edeeb1988f3a96fddee0eca86d288164
661ecc75f2bc78cea2b6407201598bcac2c92c852aa77131c55254557c68e53c
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7
6b52123640de6d13a94ebf0b28b2621535de362b536e775e84ac17362153293d
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
6f497512d1947b96e7f727d8bc1f357add3d996085532b6b809fd1f46a5926fb
71008cf308a9bb2a3a3ddaa973f816c0d3a11db5cc9e7bdd5498089423019b3e
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
72331d11d428c3ee2a07f27f50de5d46ee2dfed73a188788110271edce7972ff
730865a3662dc048745e9d47ba1204827d6de6602367aeedaf425c49c1827cc4
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
744d368a676dabf6be331840fdf74176a9ad7a784bf3920e3f640c9ed89fc43c
785c1179e9138a30fccbcd502d81ad2920049a12fd3d83fae433052e9be4c62f
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87a4d24f8fb09eae43f4e07568e22c9f714ad5a86296516dd3721d7328922d71
88453621e7720bf12afcf1abb01eec2dfd56cc8de16ed8b85937e90a1b1fc9b2
88c7b96dcdb3c0c4d52f8dcfdc11b012497f5f4d2c31bcdd9ac429050d60c4a1
897ebbdf379aeb2c751275f083d298f15b094902c6bd6a66405ffb0604c64124
8c68252e210addba0a4fef3c9f80d6ea940d255d57e519a0c6796051d4753903
8ceba365f48b90d9f44b80d2323be5ed8cb3d6bc9a8601c2b555523aa84f8878
916ab7aaacbc74895f204db9d9566e94a3cae718e01df6c3d8cc1e4c7e41426d
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
92c8a3c1c84ff1c97503a7a63b3ff3a6d44af33b9d55f8cd278ee3dfe40e0565
970fb3515835fc779193ba0f88531ff29972b3c9cd76aba2fb1222fb97beeab6
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
a1ff827045c0b7de4a24dff0d36a0ca84024750ea0ae8e8dff84c4de3bc2010d
a3f2c1ed3b6c5c8668af3066dc10e5aca023ab0b63c05be2cd42241f18dd9572
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a5be724742b18d242a2532bded133564f8d8327b2ff622c4073f8a213cc67b16
a69c0037019e6c8cec8652c2988389ce96a23dc737425822309d7e8eb9a17341
aa4b003bb85142c7ff8d4fa84ba07f5a8c070cd2a504af3d406731884bd44fec
ab93e62292fdfe62091f56da4dc29d0be525f23d098219d92d164bcd41b426ac
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af71cb6decf2066c163b45f4b8b5283f9fa4043a5de26bcea4b11597afa4e090
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b5641645c15c48b3ff5ce52e718563e1d04d18492e552eb126862768327e2855
b763b49b4a8f7afccef98cc8a40f450a31d6c69150d30acb3438d81331222d41
b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820
ba4dd4b5f97a58ad068d743dfdf7865ba3d7e4bff24379ca93ca634008c90a3e
baa8cb02e0fce843c48ebfb75a646e4f84364e54a62fc308f1d112d98896e32b
be28a35c24df4d07890eb60a8dc916d76b648a012b33439a11df136d5b6bb3f6
c2a282dd6dac10a3fbf469b4e67f489608777854e6d157bf11233dfbaa16851e
c4a56c561bd003b2bfa260025204e2d68174e30f78a7d17556f892f1844c43f3
c65e5cf46cb54933645c9e74c2b8cddc5591cafa0174a6903d15df2f3d1bd1a7
c87e155f6dd4a48a9c96082e28afe41af493426dcfa72f2bb64a9d48d750e5e5
c9583ce91f61e5d79c64e30b548bf546eb76a2b9f04a4f21831d8033dc275acc
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
cb141079dc8a7d193c67b7cbc71e283ecded63f65db850b61f8652341a92c77e
cda985523c372cef46674a191a25e985efb7639934d701b2f50f341a7326dfa7
ce04afdc3d195c9c5b1f7ab1a0c639f027a366ea68f673666b0b0add1d376dae
ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919
ceaa8c47e55f50794d42966a696f0f35149ffd1560c46eecbca911d6b48d9371
cf6787a72f1d1013b60c768f8e6db80fd19249cdea059b86253980177ee1a0c9
d4cfd8082109b47b94a9af2888657a68860315ad99736d4c9b0c49fb0152b68b
d5c3c62c85d8821b972073ed49d7ede0cfac1a7d45d10781c23dae935ae69f49
d882dbd828af87ed3434862bf608a2dee6d347817ae547421c9b2051ce29a905
d8e1bb6afaee4a9709470e6bc6712a4288aab63eff4a430e75935d0095648bb6
d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977
da1b60970149580c709bbc357622d24e7029d658e852e74ef1d861ffb22ad219
dc0b32d7b2d078ebd0390050a25e4a9bcf32f1af1f2f6fa1555170c28d07fb84
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd1617feba063690e3bf1621308e1af67c6cabcdb2602e5a1df3a14b02b94d05
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea55b37e19466581a356311932c0c963f4dfd933f72b25e52cd358274ec2a16
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1549773d59ab2805e4db4ea0475b33a0e0295702d0f15c12107fc60e2caa99a
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea33b0ef01fbc24a9f2a3f6c858425fe2a19712e029eae43641ac3bfbc59c0e3
ea8b7b4867b15503d8ab0eac1f3bd7ad3b4d99efc82f1fc0f959316413f1e1aa
ea8db732b0c05833c674be800e81bf8dc72919a00feafde206c1f6001d1c6bcf
eadeeab2d21bc67094131dec97cf17504bdfae31d1bd1dfd329cd741f0677ab3
eb43b657e2bb320b9ef4581e4c7167c3f93a1a19b00fea14f4395deff2d82fa7
ee3bf73c6c9ad57355c0ea3d028c8578295c733d1386e9a884f12ee3fa87f0c2
ee63601efc0a127a6eadcd9062a0e1622fcb1c705ab8b6499519148f8474fc39
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5778f747401ce5abeaa4accff79fa721b062dd375572c06e185e9f49130746
f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32
f3a7ddd6363de195ad182e5e26cdc0addd8ad09e6deba53fcd22831f9cb28803
f6ea484d6d98cf40416aa534105ecefa98b468463f86f63321d4ff473f266ebe
f770bc714b92d45af98259cc48f5b8033e6993147da9c35b70e7b845d379df25
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
fb2f94d7ac787b539fe4f82203f813ff614d7434cca5c2ccb5fa12ae01aa1174
fdab6db4a2db88cc9799961049391621ff500a38e34763b8f7369062b5e48cbf
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fe5f91e8750420e8c460358e4ddf588f781c252c2426741e59132f238d6e6203
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.guardicore.com Open in urlscan Pro 35.235.124.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

250 Requests

100 %HTTPS

56 %IPv6

29 Domains

37 Subdomains

33 IPs

4 Countries

4920 kBTransfer

15607 kBSize

16 Cookies

15 Outgoing links

Page URL History

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.guardicore.com Open in urlscan Pro
35.235.124.140 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

100 %
HTTPS

56 %
IPv6

29
Domains

37
Subdomains

33
IPs

4
Countries

4920 kB
Transfer

15607 kB
Size

16
Cookies

250 HTTP transactions
0 data transactions