urlscan.io logo urlscan.io
SecurityTrails logo

www.aditumpartners.com Open in urlscan Pro
96.8.123.106  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.aditumpartners.com/access-splunk-attack-range-guide/clkn/https/www.aditumpartners.com/splunk-resources/blog/splunk-...
Effective URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Submission: On May 05 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 24 HTTP transactions. The main IP is 96.8.123.106, located in Buffalo, United States and belongs to AS-COLOCROSSING, US. The main domain is www.aditumpartners.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 26th 2020. Valid for: 3 months.
This is the only time www.aditumpartners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    96.8.123.106 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: server1.cobolthosting.com
www.aditumpartners.com
2    2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
17 www.aditumpartners.com 2 redirects www.aditumpartners.com
3 fonts.gstatic.com www.aditumpartners.com
ajax.googleapis.com
2 js.hs-scripts.com www.aditumpartners.com
1 fonts.googleapis.com ajax.googleapis.com
1 www.youtube.com www.aditumpartners.com
1 ajax.googleapis.com www.aditumpartners.com
1 www.google.de www.aditumpartners.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
24 9

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
Subject Issuer Validity Valid
aditumpartners.com
cPanel, Inc. Certification Authority		 2020-02-26 -
2020-05-26		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-07 -
2020-10-09		 6 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Frame ID: 7BC3AC4438FA1AACE53F92F947A5E11C
Requests: 24 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TJt83RwBf7A?feature=oembed
Frame ID: CB74AF189B6ACB48C57438258CDEAC3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.aditumpartners.com/access-splunk-attack-range-guide/clkn/https/www.aditumpartners.com/splunk-re... HTTP 301
    https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide HTTP 301
    https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googleapis\.com\/.+webfont/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

938 kB
Transfer

2276 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.aditumpartners.com/access-splunk-attack-range-guide/clkn/https/www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide HTTP 301
    https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide HTTP 301
    https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863211919/?guid=ON&script=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/863211919/?guid=ON&script=0&is_vtc=1&random=79460184 HTTP 302
  • https://www.google.de/pagead/1p-user-list/863211919/?guid=ON&script=0&is_vtc=1&random=79460184&ipr=y

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Redirect Chain
  • https://www.aditumpartners.com/access-splunk-attack-range-guide/clkn/https/www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide
  • https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide
  • https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
44 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
c360f94ff383f46d160c95ea0a3e395fed1ef5183e596f75360d2c33c0677226

Request headers

Host
www.aditumpartners.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=7d77be416c6a2ee323eeb09ecd7c161b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:32 GMT
Server
Apache
Vary
Accept-Encoding,Cookie
Last-Modified
Tue, 05 May 2020 14:26:53 GMT
Accept-Ranges
bytes
Content-Length
10519
Cache-Control
max-age=3, must-revalidate
Expires
Tue, 05 May 2020 15:31:35 GMT
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip

Redirect headers

Date
Tue, 05 May 2020 15:31:31 GMT
Server
Apache
Vary
Accept-Encoding,Cookie,User-Agent
Pragma
no-cache
Expires
Tue, 05 May 2020 16:31:32 GMT
Cache-Control
max-age=3600
X-Redirect-By
WordPress
Set-Cookie
PHPSESSID=7d77be416c6a2ee323eeb09ecd7c161b; path=/
Location
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
autoptimize_d93949778d7b482b36214bdb301cb596.css
www.aditumpartners.com/wp-content/cache/autoptimize/css/ 		652 KB
109 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.aditumpartners.com/wp-content/cache/autoptimize/css/autoptimize_d93949778d7b482b36214bdb301cb596.css
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
8da7081257c9060af6524e170398df1abb7a8a74bd4aae8a167d0e9432383422

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 May 2020 21:21:46 GMT
Server
Apache
Vary
Accept-Encoding,Cookie
Content-Type
text/css
Cache-Control
max-age=3, must-revalidate, public, immutable
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Expires
Sun, 25 Apr 2021 15:31:33 GMT
dashicons.min.css
www.aditumpartners.com/wp-includes/css/ 		46 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.aditumpartners.com/wp-includes/css/dashicons.min.css?ver=fd4627748e0252407183ca56be53229d
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jun 2019 19:11:17 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
28481
Expires
Tue, 12 May 2020 15:31:33 GMT
jquery.js
www.aditumpartners.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.aditumpartners.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jun 2019 19:11:17 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33776
Expires
Tue, 12 May 2020 15:31:33 GMT
aditum-logo.png
www.aditumpartners.com/wp-content/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aditumpartners.com/wp-content/uploads/aditum-logo.png
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
9ebd3b82cb0c5b676b4918f5f81c8ad1fcd95d9c151be17bba88746462c4ec4d

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:34 GMT
Last-Modified
Tue, 23 Jan 2018 17:14:45 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
8638
Expires
Thu, 04 Jun 2020 15:31:34 GMT
slide-01-new-300x90.jpg
www.aditumpartners.com/wp-content/uploads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aditumpartners.com/wp-content/uploads/slide-01-new-300x90.jpg
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
c3d9e47545cd08a3b6900d65b13c604fc62d61faee96c43ef9c7b3ed99af996a

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:34 GMT
Last-Modified
Thu, 13 Sep 2018 15:53:47 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2031
Expires
Thu, 04 Jun 2020 15:31:34 GMT
to-siem-or-not-to-siem-ebook-cta-4.png
www.aditumpartners.com/wp-content/uploads/ 		221 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aditumpartners.com/wp-content/uploads/to-siem-or-not-to-siem-ebook-cta-4.png
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
3de03348d1a506c2ee921e7cfc001d56f396eed7f405984e74c3259cef9472b8

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:35 GMT
Last-Modified
Fri, 25 May 2018 19:44:34 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
226806
Expires
Thu, 04 Jun 2020 15:31:35 GMT
LGO-Splunk-Partnerplus-W-300x41.png
www.aditumpartners.com/wp-content/uploads/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aditumpartners.com/wp-content/uploads/LGO-Splunk-Partnerplus-W-300x41.png
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
0a18049c8ca716921949d1ef59b2ab1cbbcdcff7e0b1b37fcb290aa38fef59e9

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:35 GMT
Last-Modified
Tue, 23 Jan 2018 17:28:07 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3604
Expires
Thu, 04 Jun 2020 15:31:35 GMT
index.php
www.aditumpartners.com/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.aditumpartners.com/index.php?rest_route=/calltrk/swap.js
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
fae6cb206c1dd6bf7a5abd50b7454bb14b20f5e61071d6a9fe92c74a87fc59b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Headers
Authorization, Content-Type
X-CallTrk-WP-Version
0.4.2
Connection
Keep-Alive
Content-Length
9509
Pragma
no-cache
Link
<https://www.aditumpartners.com/wp-json/>; rel="https://api.w.org/"
Server
Apache
Vary
Accept-Encoding,Cookie,User-Agent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages
Cache-Control
max-age=60, public
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Expires
Thu, 19 Nov 1981 08:52:00 GMT
2500102.js
js.hs-scripts.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2500102.js?integration=WordPress
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin
https://www.aditumpartners.com
access-control-allow-credentials
true
access-control-max-age
3600
/
www.google.de/pagead/1p-user-list/863211919/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863211919/?guid=ON&script=0
  • https://www.google.com/pagead/1p-user-list/863211919/?guid=ON&script=0&is_vtc=1&random=79460184
  • https://www.google.de/pagead/1p-user-list/863211919/?guid=ON&script=0&is_vtc=1&random=79460184&ipr=y
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/863211919/?guid=ON&script=0&is_vtc=1&random=79460184&ipr=y
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 May 2020 15:31:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 May 2020 15:31:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/863211919/?guid=ON&script=0&is_vtc=1&random=79460184&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
autoptimize_8e948c8a92a3b3cc0b36b7a1b036932c.js
www.aditumpartners.com/wp-content/cache/autoptimize/js/ 		910 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.aditumpartners.com/wp-content/cache/autoptimize/js/autoptimize_8e948c8a92a3b3cc0b36b7a1b036932c.js
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
997e2fa1c57e684e7ae5097512e3a265e56fe0866cfaf9caa3566e5c83c3a9c6

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 May 2020 21:21:46 GMT
Server
Apache
Vary
Accept-Encoding,Cookie
Content-Type
application/javascript
Cache-Control
max-age=3, must-revalidate, public, immutable
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Sun, 25 Apr 2021 15:31:35 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3312502
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 07:23:12 GMT
wp-emoji-release.min.js
www.aditumpartners.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.aditumpartners.com/wp-includes/js/wp-emoji-release.min.js?ver=fd4627748e0252407183ca56be53229d
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 11:55:05 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4626
Expires
Tue, 12 May 2020 15:31:35 GMT
TJt83RwBf7A
www.youtube.com/embed/ Frame CB74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/TJt83RwBf7A?feature=oembed
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/TJt83RwBf7A?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/

Response headers

status
200
content-encoding
br
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
expires
Tue, 27 Apr 1971 19:44:06 GMT
date
Tue, 05 May 2020 15:31:34 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=wcGUBscdwJ8; path=/; domain=.youtube.com; secure; expires=Sun, 01-Nov-2020 15:31:34 GMT; httponly; samesite=None YSC=46_MpmLnJl4; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 05-May-2020 16:01:34 GMT VISITOR_INFO1_LIVE=wcGUBscdwJ8; path=/; domain=.youtube.com; secure; expires=Sun, 01-Nov-2020 15:31:34 GMT; httponly; samesite=None
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
banner-architecture.jpg
www.aditumpartners.com/wp-content/uploads/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aditumpartners.com/wp-content/uploads/banner-architecture.jpg
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
55d009210f9219f7b271061621dcbf92940338fd47625e581ecc00c61bf38c94

Request headers

Referer
https://www.aditumpartners.com/wp-content/cache/autoptimize/css/autoptimize_d93949778d7b482b36214bdb301cb596.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:34 GMT
Last-Modified
Tue, 23 Jan 2018 17:16:21 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
34087
Expires
Thu, 04 Jun 2020 15:31:34 GMT
social-icons-mono-light.png
www.aditumpartners.com/wp-content/uploads/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aditumpartners.com/wp-content/uploads/social-icons-mono-light.png
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
417258405f19c0f4df9dec2684e5673c2defca010a25ec50d3fef43f63991a67

Request headers

Referer
https://www.aditumpartners.com/wp-content/cache/autoptimize/css/autoptimize_d93949778d7b482b36214bdb301cb596.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 15:31:35 GMT
Last-Modified
Thu, 26 May 2016 22:19:08 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4471
Expires
Thu, 04 Jun 2020 15:31:35 GMT
ss-gizmo.woff
www.aditumpartners.com/wp-content/themes/dante/css/font/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.aditumpartners.com/wp-content/themes/dante/css/font/ss-gizmo.woff
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
a008ccf1c8cc14acde946657cbbd710238df2199ba88db1049047596c1efae15

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.aditumpartners.com/wp-content/cache/autoptimize/css/autoptimize_d93949778d7b482b36214bdb301cb596.css
Origin
https://www.aditumpartners.com

Response headers

Date
Tue, 05 May 2020 15:31:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jun 2019 16:03:28 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff
Cache-Control
max-age=864000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
61247
Expires
Fri, 15 May 2020 15:31:34 GMT
css
fonts.googleapis.com/ 		4 KB
851 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400%7COswald:700%7CVidaloka
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe36bf1b0b03ac56cc0042e975b29b92631807af559574cc86717abd0a32e7d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 May 2020 15:31:34 GMT
server
ESF
date
Tue, 05 May 2020 15:31:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 May 2020 15:31:34 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400%7COswald:700%7CVidaloka
Origin
https://www.aditumpartners.com

Response headers

date
Wed, 15 Apr 2020 23:49:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1698110
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:49:44 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v31/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v31/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db38bbd1d1cdf5e5c1ea2d81bfa277fbfa0c39282998ca43999174f7e1292c14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400%7COswald:700%7CVidaloka
Origin
https://www.aditumpartners.com

Response headers

date
Tue, 14 Apr 2020 12:18:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 00:19:38 GMT
server
sffe
age
1826002
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
expires
Wed, 14 Apr 2021 12:18:12 GMT
7cHrv4c3ipenMKlEavs7wH8Dnzcj.woff2
fonts.gstatic.com/s/vidaloka/v12/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vidaloka/v12/7cHrv4c3ipenMKlEavs7wH8Dnzcj.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c599ffec9cb9345b474af46450964b70c5934d9bc242cd82e17a7eb44bc4f6ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400%7COswald:700%7CVidaloka
Origin
https://www.aditumpartners.com

Response headers

date
Tue, 14 Apr 2020 12:23:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:02:09 GMT
server
sffe
age
1825670
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15940
x-xss-protection
0
expires
Wed, 14 Apr 2021 12:23:44 GMT
2500102.js
js.hs-scripts.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2500102.js?integration=WordPress
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.aditumpartners.com/splunk-resources/blog/splunk-attack-range-setup-guide/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin
https://www.aditumpartners.com
access-control-allow-credentials
true
access-control-max-age
3600
fontawesome-webfont.woff2
www.aditumpartners.com/wp-content/themes/dante/css/font/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.aditumpartners.com/wp-content/themes/dante/css/font/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.aditumpartners.com
URL: https://www.aditumpartners.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.8.123.106 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
server1.cobolthosting.com
Software
Apache /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.aditumpartners.com/wp-content/cache/autoptimize/css/autoptimize_d93949778d7b482b36214bdb301cb596.css
Origin
https://www.aditumpartners.com

Response headers

Date
Tue, 05 May 2020 15:31:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jun 2019 16:03:28 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=864000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Fri, 15 May 2020 15:31:36 GMT
truncated
/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d02f66b2c4e26b3ba063c199ce126f434a81fc3f8746149a0955ea778fe5e853

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://www.aditumpartners.com

Response headers

Content-Type
application/x-font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| html object| WebFontConfig function| writeCookie string| the_cookie object| _wpemojiSettings undefined| $ function| jQuery object| uiAutocompleteL10n object| EM object| _hsq string| ajaxurl function| setREVStartSize number| crwpVer object| WebFont object| twemoji object| wp function| CallTrkSwap object| CallTrk object| leadin_wordpress object| mojospOptions function| em_load_jquery_css function| em_setup_datepicker function| em_setup_timepicker function| em_ajaxify boolean| em_maps_loaded object| maps object| maps_markers undefined| infoWindow function| em_maps_load function| em_maps_load_locations function| em_maps_load_location function| em_maps function| em_map_infobox function| em_esc_attr undefined| oldgs object| punchgs object| _gsScope function| si_captcha_refresh object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill undefined| oldgs_queue undefined| GreenSockGlobals undefined| _gsQueue object| jQuery11240825027976561755 object| html5 object| Modernizr function| yepnope object| classie function| AnimOnScroll function| getStyleProperty function| getSize object| eventie function| docReady function| EventEmitter function| matchesSelector function| Outlayer function| Masonry object| NiceScroll object| browserPrefixes function| Isotope function| imagesLoaded string| $arrow number| pl

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: YSC
Value: 46_MpmLnJl4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: wcGUBscdwJ8

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.aditumpartners.com/wp-content/cache/autoptimize/js/autoptimize_8e948c8a92a3b3cc0b36b7a1b036932c.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-scripts.com
www.aditumpartners.com
www.google.com
www.google.de
www.youtube.com
2606:4700::6811:d3cc
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:814::200a
2a00:1450:4001:816::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81b::200a
2a00:1450:4001:824::2003
96.8.123.106
0a18049c8ca716921949d1ef59b2ab1cbbcdcff7e0b1b37fcb290aa38fef59e9
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
3de03348d1a506c2ee921e7cfc001d56f396eed7f405984e74c3259cef9472b8
417258405f19c0f4df9dec2684e5673c2defca010a25ec50d3fef43f63991a67
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55d009210f9219f7b271061621dcbf92940338fd47625e581ecc00c61bf38c94
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8da7081257c9060af6524e170398df1abb7a8a74bd4aae8a167d0e9432383422
997e2fa1c57e684e7ae5097512e3a265e56fe0866cfaf9caa3566e5c83c3a9c6
9ebd3b82cb0c5b676b4918f5f81c8ad1fcd95d9c151be17bba88746462c4ec4d
a008ccf1c8cc14acde946657cbbd710238df2199ba88db1049047596c1efae15
c360f94ff383f46d160c95ea0a3e395fed1ef5183e596f75360d2c33c0677226
c3d9e47545cd08a3b6900d65b13c604fc62d61faee96c43ef9c7b3ed99af996a
c599ffec9cb9345b474af46450964b70c5934d9bc242cd82e17a7eb44bc4f6ce
d02f66b2c4e26b3ba063c199ce126f434a81fc3f8746149a0955ea778fe5e853
db38bbd1d1cdf5e5c1ea2d81bfa277fbfa0c39282998ca43999174f7e1292c14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fae6cb206c1dd6bf7a5abd50b7454bb14b20f5e61071d6a9fe92c74a87fc59b7
fe36bf1b0b03ac56cc0042e975b29b92631807af559574cc86717abd0a32e7d7