Submitted URL: http://cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor
Effective URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Submission: On January 26 via api from IT — Scanned from GB

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 44 HTTP transactions. The main IP is 185.117.199.239, located in United Kingdom and belongs to 24SHELLS, US. The main domain is www.cyjax.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on October 18th 2022. Valid for: a year.
This is the only time www.cyjax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 14 185.117.199.239 55081 (24SHELLS)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.65.208.22 13335 (CLOUDFLAR...)
2 34.250.118.26 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 172.65.238.60 13335 (CLOUDFLAR...)
1 172.65.192.122 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.65.202.85 13335 (CLOUDFLAR...)
1 172.65.193.34 ()
1 172.65.240.166 ()
1 46.101.13.61 14061 (DIGITALOC...)
1 172.65.236.181 ()
44 17
Apex Domain
Subdomains
Transfer
14 cyjax.com
cyjax.com
www.cyjax.com
1 MB
8 cdn-cookieyes.com
cdn-cookieyes.com — Cisco Umbrella Rank: 17304
79 KB
5 hubspot.com
api-eu1.hubspot.com — Cisco Umbrella Rank: 55760
forms-eu1.hubspot.com
track-eu1.hubspot.com
app-eu1.hubspot.com
23 KB
5 gstatic.com
fonts.gstatic.com
80 KB
3 cookieyes.com
log.cookieyes.com — Cisco Umbrella Rank: 19255
directory.cookieyes.com — Cisco Umbrella Rank: 22515
628 B
1 usemessages.com
js-eu1.usemessages.com — Cisco Umbrella Rank: 61089
21 KB
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 20211
63 KB
1 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 31576
25 KB
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 20729
21 KB
1 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 18898
899 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
43 KB
0 hsappstatic.net Failed
static.hsappstatic.net Failed
44 13
Domain Requested by
12 www.cyjax.com www.cyjax.com
8 cdn-cookieyes.com www.cyjax.com
cdn-cookieyes.com
5 fonts.gstatic.com fonts.googleapis.com
2 api-eu1.hubspot.com js-eu1.usemessages.com
2 log.cookieyes.com cdn-cookieyes.com
2 cyjax.com 2 redirects
1 app-eu1.hubspot.com js-eu1.usemessages.com
1 directory.cookieyes.com cdn-cookieyes.com
1 track-eu1.hubspot.com
1 forms-eu1.hubspot.com js-eu1.hscollectedforms.net
1 js-eu1.usemessages.com js-eu1.hs-scripts.com
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 js-eu1.hs-scripts.com www.cyjax.com
1 fonts.googleapis.com www.cyjax.com
1 www.googletagmanager.com www.cyjax.com
0 static.hsappstatic.net Failed app-eu1.hubspot.com
44 18

This site contains links to these domains.

Domain
www.cookieyes.com
twitter.com
www.linkedin.com
Subject                   Issuer                                        Validity                  Valid
*.cyjax.com               Starfield Secure Certificate Authority - G2   2022-10-18 - 2023-11-19   a year
*.cdn-cookieyes.com       E1                                            2022-12-12 - 2023-03-12   3 months
*.google-analytics.com    GTS CA 1C3                                    2023-01-09 - 2023-04-03   3 months
upload.video.google.com   GTS CA 1C3                                    2023-01-09 - 2023-04-03   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                       2022-06-03 - 2023-06-02   a year
log.cookieyes.com         Amazon                                        2022-05-25 - 2023-06-23   a year
*.gstatic.com             GTS CA 1C3                                    2023-01-09 - 2023-04-03   3 months
hubspot.com               Cloudflare Inc ECC CA-3                       2022-03-08 - 2023-03-07   a year
directory.cookieyes.com   R3                                            2023-01-14 - 2023-04-14   3 months

This page contains 2 frames:

Primary Page: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Frame ID: A34DB7E360D40AA4C8E108C2BE90601F
Requests: 38 HTTP requests in this frame

Frame: https://app-eu1.hubspot.com/conversations-visitor/25481865/threads/utk/954e988839e64799b29980c927c689c6?uuid=6a372d6d34ff41e29667a4c0513a0cf2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=cyjax.com&inApp53=false&messagesUtk=954e988839e64799b29980c927c689c6&url=https%3A%2F%2Fwww.cyjax.com%2F2022%2F11%2F14%2Ffangxiao-a-chinese-threat-actor%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 1C0569EEDE2D87452C0AE0C657B270E2
Requests: 5 HTTP requests in this frame

Page Title

CyjaxDownPrevNextTwitterLinkedinClose

Page URL History

  1. http://cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor HTTP 301
    https://cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor HTTP 301
    https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

44
Requests

91 %
HTTPS

31 %
IPv6

13
Domains

18
Subdomains

17
IPs

4
Countries

1725 kB
Transfer

2242 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Redirect Chain
  • http://cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor
  • https://cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor
  • https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
109 KB
111 KB
Document
General
Full URL
https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
6e9cdd4fc3e0cec79e10b9b9802a7fa344a314049d066635894996ae770bbfa3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Jan 2023 00:07:29 GMT
Feature-Policy
sync-xhr
Link
<https://www.cyjax.com/wp-json/>; rel="https://api.w.org/" <https://www.cyjax.com/wp-json/wp/v2/posts/7175>; rel="alternate"; type="application/json" <https://www.cyjax.com/?p=7175>; rel=shortlink
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Jan 2023 00:07:28 GMT
Feature-Policy
sync-xhr
Location
https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Redirect-By
WordPress
X-XSS-Protection
1; mode=block
script.js
cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/
94 KB
35 KB
Script
General
Full URL
https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/script.js
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
123200a955b1a1f93068038f842875bb26c0d51f9d4fcfe8bcccae410be3d4e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Jan 2023 00:37:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
230556
etag
W/"177e3-5f17981ef00a8-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbUDSABElTWnQ%2FfGLj7blD5nf3v5nQy12q4%2BjNJeTuMY4weNsXEXVSfQfatrx%2BVuPvAzc7levsKI02S2li8pIE7AEdCsUh%2FWK0hE%2BIV8e8egMPm43WpO71oFpd8EYrjoC47uoV9Yc8CuyEVotZ%2F0"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
78f5023a5f7b7735-LHR
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-67576708-1
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57ed32ab780a656f95032e7126fda798afdf021b0b3bbbee0e4e5c94b64ad85c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43959
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 26 Jan 2023 00:07:29 GMT
style.min.css
www.cyjax.com/wp/wp-includes/css/dist/block-library/
93 KB
94 KB
Stylesheet
General
Full URL
https://www.cyjax.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Fri, 11 Nov 2022 14:56:45 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"636e62ad-172a9"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
94889
X-XSS-Protection
1; mode=block
classic-themes.min.css
www.cyjax.com/wp/wp-includes/css/
217 B
2 KB
Stylesheet
General
Full URL
https://www.cyjax.com/wp/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Tue, 25 Oct 2022 13:45:16 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"6357e86c-d9"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
217
X-XSS-Protection
1; mode=block
default.css
www.cyjax.com/app/plugins/tablepress/css/build/
6 KB
8 KB
Stylesheet
General
Full URL
https://www.cyjax.com/app/plugins/tablepress/css/build/default.css?ver=2.0.4
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
b7193bd1228920067e241fc9b5c987bfa8eb9b9dc06e986ff31e338b1f06d93f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Fri, 20 Jan 2023 06:25:00 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"63ca33bc-17b4"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6068
X-XSS-Protection
1; mode=block
main_373ca34c.css
www.cyjax.com/app/themes/cyjax/dist/styles/
295 KB
297 KB
Stylesheet
General
Full URL
https://www.cyjax.com/app/themes/cyjax/dist/styles/main_373ca34c.css
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
017f5ec24ebe961dfdd98f939ac7f680288987bef1d5f61db6e75de441103aa4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 16 Jan 2023 15:52:40 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"63c572c8-49cbc"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
302268
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700,700i&subset=latin-ext
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cdb22a8531a0d424501de38b5920f1093a58b458d33e0761fa9de692b0cafd98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www.cyjax.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Jan 2023 00:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Jan 2023 00:07:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Jan 2023 00:07:29 GMT
frontend-gtag.min.js
www.cyjax.com/app/plugins/exactmetrics-premium/assets/js/
12 KB
13 KB
Script
General
Full URL
https://www.cyjax.com/app/plugins/exactmetrics-premium/assets/js/frontend-gtag.min.js?ver=7.12.1
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 16 Jan 2023 15:30:21 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"63c56d8d-2e3b"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11835
X-XSS-Protection
1; mode=block
jquery.min.js
www.cyjax.com/wp/wp-includes/js/jquery/
88 KB
89 KB
Script
General
Full URL
https://www.cyjax.com/wp/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Sep 2022 14:16:24 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"632879b8-15e54"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89684
X-XSS-Protection
1; mode=block
jquery-migrate.min.js
www.cyjax.com/wp/wp-includes/js/jquery/
11 KB
13 KB
Script
General
Full URL
https://www.cyjax.com/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Wed, 18 Nov 2020 09:06:06 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"5fb4e3fe-2bd8"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
X-XSS-Protection
1; mode=block
25481865.js
js-eu1.hs-scripts.com/
2 KB
899 B
Script
General
Full URL
https://js-eu1.hs-scripts.com/25481865.js
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea11a2110742c094fe20954aa50e397b22a4d57858c50f8d826930fcc2f6e361

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:31 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 26 Jan 2023 00:03:30 GMT
server
cloudflare
x-hubspot-correlation-id
9dd60a1c-0075-45c3-8ca6-311649d9b002
x-trace
2BB7C9B8D2B53F9452491930A1E6E4641F93BD1CDD000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=30
access-control-allow-credentials
true
cf-ray
78f502432f7634c0-DUB
main_373ca34c.js
www.cyjax.com/app/themes/cyjax/dist/scripts/
145 KB
147 KB
Script
General
Full URL
https://www.cyjax.com/app/themes/cyjax/dist/scripts/main_373ca34c.js
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
3572099132901196532cfc5388de09f455be34c8541b4ebfae53f17e395245db
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 16 Jan 2023 15:52:40 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"63c572c8-2442a"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
148522
X-XSS-Protection
1; mode=block
log
log.cookieyes.com/api/v1/
2 B
153 B
Ping
General
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.118.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-118-26.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAaRyj3lLAk2oHR1T

Response headers

access-control-allow-origin
*
date
Thu, 26 Jan 2023 00:07:29 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
banner.js
cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/
93 KB
32 KB
Script
General
Full URL
https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/banner.js
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9efa9cd9b86034c8640d5284e1e4d287436ef924d84387e062c7203186e0394

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Jan 2023 00:37:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
230556
etag
W/"17286-5f17981eef108-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmnJ0G2HSfWsZKgIFHMOiuYDJSVNfEwvKRfyKfdVGsLi56nH4UxSoCdAj9AnRiNTrsZccq0R3feXz726pSRONDPFbYzDRypQaXAvaDbxK05%2FpKT%2FkkaZzm3o38CWfpo0jlJVPlVo9qA3jPq69011"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
78f5023bd9717735-LHR
wp-emoji-release.min.js
www.cyjax.com/wp/wp-includes/js/
18 KB
20 KB
Script
General
Full URL
https://www.cyjax.com/wp/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Apr 2022 05:56:23 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"62551487-48b9"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18617
X-XSS-Protection
1; mode=block
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700,700i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyjax.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 19:42:15 GMT
x-content-type-options
nosniff
age
534315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 19:42:15 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700,700i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyjax.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 20:40:44 GMT
x-content-type-options
nosniff
age
444406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 20:40:44 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700,700i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyjax.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 16:44:52 GMT
x-content-type-options
nosniff
age
199358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:44:52 GMT
cyjax-logo.svg
www.cyjax.com/app/uploads/2019/08/
9 KB
11 KB
Image
General
Full URL
https://www.cyjax.com/app/uploads/2019/08/cyjax-logo.svg
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
760cfa12eb1fe2ed91229b6331571a31d72b31bd5080ecacc24a358b52b7591a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Sat, 27 Mar 2021 12:04:40 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"605f1f58-24b9"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9401
X-XSS-Protection
1; mode=block
fangxiao-a-chinese-threat-actor.png
www.cyjax.com/app/uploads/2022/11/
560 KB
562 KB
Image
General
Full URL
https://www.cyjax.com/app/uploads/2022/11/fangxiao-a-chinese-threat-actor.png
Requested by
Host: www.cyjax.com
URL: https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.117.199.239 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
nginx /
Resource Hash
5bc0aa92c7164ae43098af9a6ab77dada60ca71df78a35814c66a1883b50d8b5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 00:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Fri, 11 Nov 2022 16:06:38 GMT
Server
nginx
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
ETag
"636e730e-8c0e8"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
sync-xhr
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
573672
X-XSS-Protection
1; mode=block
25481865.js
js-eu1.hs-analytics.net/analytics/1674691500000/
65 KB
21 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1674691500000/25481865.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25481865.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42847205fb00ce98291fb811bad5ed4bb4c2f0a4615ecc09a0b75c85013ad59

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:32 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
3Y525KTF40RRGPF4
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
36
x-amz-id-2
ldF0FHOOaCDTuX6dozGnM188NKpiC4mATI8AgyQI8XbnhFECDJ5v4Z7mZFnvPGbksKTIf0171/E=
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 18 Jan 2023 20:11:06 GMT
server
cloudflare
x-evy-trace-route
nginx-catch-all
etag
W/"639f13669776cbf0ebdfeca5b99f21e9"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-5d6fcf645-ntnj2
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
78f5024b5e3260d9-DUB
expires
Thu, 26 Jan 2023 00:12:32 GMT
collectedforms.js
js-eu1.hscollectedforms.net/
68 KB
25 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25481865.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3999cf864b43937c278afeae5b60b6db69bb234d5641202c9e7a2385029aa3b7

Request headers

Referer
Origin
https://www.cyjax.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:32 GMT
x-amz-version-id
SN4HXBautbT5xHa4DdPckLpyluwLE8QR
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
FRA56-C2
age
241
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.312/bundles/project.js&cfRay=775e162a0f741b94-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 02:49:13 UTC
server
cloudflare
etag
W/"349cabd549e2249f8fb6ac3ac6f08e00"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
cf-ray
78f5024b49971b9d-DUB
x-amz-cf-id
pU6rtLRtj1iBbPgldF9uT-swRgaPZ33qcCR1q-QMACz8_Wb9CR5OlA==
x-hs-target-asset
collected-forms-embed-js/static-1.312/bundles/project.js
banner.js
js-eu1.hs-banner.com/v2/25481865/
202 KB
63 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/v2/25481865/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25481865.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001bb7de24264982e97c166e5af3a3108aee106cb14339bcda938fad59ccf638

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:32 GMT
x-amz-version-id
p4iz8k.l0Req8vlmrRHevy9HC5sJJ6Er
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
CS7JRJE3XZN2KRXH
x-amz-server-side-encryption
AES256
x-amz-id-2
LsA/RANEaqV0dBRFGSkLXd0j+ht8B/wZMXojtAG9LnlNAO6VmViEYMkj7ityZ3kbbGfgyo4O3Qw=
last-modified
Thu, 08 Dec 2022 21:53:07 GMT
server
cloudflare
etag
W/"10035b584761d6441f2c80ea783f2cfb"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
vary
origin, Accept-Encoding
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
78f5024b692d1b8b-DUB
expires
Thu, 26 Jan 2023 00:12:32 GMT
conversations-embed.js
js-eu1.usemessages.com/
73 KB
21 KB
Script
General
Full URL
https://js-eu1.usemessages.com/conversations-embed.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25481865.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5009decc02679b2c0c48c00dbfe1719d4f8cd6cdecc4d64dda39818afd738d69

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:31 GMT
x-amz-version-id
8xPU0Itz3x2c97cGNkXJfntuFL6NjR5U
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
FRA56-C2
age
97
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11886/bundles/project.js&cfRay=78f4ffe8985d8883-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
4
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
last-modified
Tue, 24 Jan 2023 04:00:31 UTC
server
cloudflare
x-evy-trace-route
nginx-catch-all
etag
W/"0ea46a2ac748da80b25a4ee054a80350"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6bdc87f4c5-x5jnd
cf-ray
78f502445d8872f4-LHR
x-amz-cf-id
lYlvILasWAyN-gLPHifwkQHXjf4ATAGv01cuw9BXeVgIIOIqh_MO2Q==
x-hs-target-asset
conversations-embed/static-1.11886/bundles/project.js
public
api-eu1.hubspot.com/livechat-public/v1/message/
3 KB
2 KB
XHR
General
Full URL
https://api-eu1.hubspot.com/livechat-public/v1/message/public?portalId=25481865&conversations-embed=static-1.11886&mobile=false&messagesUtk=954e988839e64799b29980c927c689c6&traceId=954e988839e64799b29980c927c689c6
Requested by
Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c16c34a969fe67b63010f234c140a7cc49b44ad291e6fe296adcb9aac57df64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
en-GB,en;q=0.9
X-HubSpot-Messages-Uri
https://www.cyjax.com/2022/11/14/fangxiao-a-chinese-threat-actor/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-hubspot-correlation-id
ac1a3ea1-5023-4228-8600-202311e55c14
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1503
server
cloudflare
x-trace
2B47E3466AD71F9B16BB8F65354222351B857C186F000000000000000000
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cyjax.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1PBoDhZIS30c2tkP11TxGUfhup4FUKAsVXputV8%2BA8Zo6dnzEr8h%2B08s%2FSyIGwSg9gq2ddL9rwOClArwd4xZ%2BaJhd7ouraAdrh3759Q7oSsMSDyie73i59XLubScZY%2FKle7W6s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
78f5024d0b3d60f2-DUB
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api-eu1.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api-eu1.hubspot.com/livechat-public/v1/message/public?portalId=25481865&conversations-embed=static-1.11886&mobile=false&messagesUtk=954e988839e64799b29980c927c689c6&traceId=954e988839e64799b29980c927c689c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://www.cyjax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.cyjax.com
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78f5024c3a4f60f2-DUB
content-length
18
content-type
text/plain; charset=utf-8
date
Thu, 26 Jan 2023 00:07:32 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=529kfwbccClr53%2F%2FQw6nNRzTiys2nR8DLARbOs8awhMXfLIQdEdbTeZROam50uBkkV59s4KxctUUy8JpDFCMgIf59K5EnCjUaEZ0zRkMSrjaoZKByRR6em%2F9nmz6YMIB47VVR4E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin
x-hubspot-correlation-id
114801d7-0271-4c52-8fb6-091b07d0775d
x-trace
2BCBC3604B9BFA8F6BE1A96E5E2EDAB220474B56B7000000000000000000
json
forms-eu1.hubspot.com/collected-forms/v1/config/
116 B
1 KB
XHR
General
Full URL
https://forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=25481865&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.193.34 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
26f494b9e0054cc98d317864f6baef774246c34e48e944708862afed3593ca5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
49259b40-cc20-4ee6-b992-9badd8790022
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cyjax.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfnAO%2FdX0vPQfXoFCRnxF8P9HidyMl4MJDFe9XCaZ%2Bouh7q2xF0sPJ7EcoDMYv%2Bc6vJGIl7lQh5Wou7fMC%2B0jxxAwlyK1CpV3jnCtKEuL470k2czC2ptP8ZbCFtMG7Uh7psOjubPVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
180
access-control-allow-credentials
false
x-robots-tag
none
access-control-allow-headers
*
cf-ray
78f502538ba13501-DUB
0TI7-KnD.json
cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/
43 B
599 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/0TI7-KnD.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f60e489ab0124f39d5696ca6e82d34078ea1a9d0aa825a61b60aed08707e94c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Jan 2023 00:37:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
215953
etag
W/"2b-5f17981eee168"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPH7zpEHaE7TgqgfybruOVjGOSkuJxmJ%2FPqhMi73YtHq%2BPqOBYxD%2Fib2UunjKISrXgf0MOFKvjVI26AT%2F3p%2F5qdhbieXSaPrIxGVu2Q8eDVKRjt7EMtUDG1wbY7AiyG74NSbx9uBtX3bckThOtAV"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
78f5024d09507306-LHR
__ptq.gif
track-eu1.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1858685340&v=1.1&a=25481865&rcu=https%3A%2F%2Fwww.cyjax.com%2F2022%2F11%2F14%2Ffangxiao-a-chinese-threat-actor%2F&pu=https%3A%2F%2Fwww.cyjax.com%2F2022%2F11%2F14%2Ffangxiao-a-chinese-threat-actor%2F&t=Cyjax&cts=1674691652529&vi=4737623f8cdfc98b992e79614b807201&nc=true&u=14164584.4737623f8cdfc98b992e79614b807201.1674691652523.1674691652523.1674691652523.1&b=14164584.1.1674691652524&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
134fd772-9b60-4a21-9810-67aa42616129
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
last-modified
Thu, 26 Jan 2023 00:07:33 GMT
server
cloudflare
x-evy-trace-route
nginx-catch-all
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdIhH8noZ7kCyqxgUnUNYhBKCuO4MJe3BHac8qUxnZAVJL9ngk8bofF6d4kQkS5tF7zNNRoBiDGXiBuoRLumjh1B%2FSzm2rfOHnOxGctsT0t7n%2BP8Sm7%2Bg%2FihALjvPgFAZ0r%2B5NeITw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-888685f5b-8xh6j
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
78f502551b0934ef-DUB
x-robots-tag
none
result.php
directory.cookieyes.com/geoip/checker/
121 B
323 B
Fetch
General
Full URL
https://directory.cookieyes.com/geoip/checker/result.php
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.13.61 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
529751.cloudwaysapps.com
Software
nginx /
Resource Hash
a5899cff705f71252de69fe48680940b6f7f2d4960dd3d7bbc9ddb247411672f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:33 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
123
954e988839e64799b29980c927c689c6
app-eu1.hubspot.com/conversations-visitor/25481865/threads/utk/ Frame 1C05
51 KB
19 KB
Document
General
Full URL
https://app-eu1.hubspot.com/conversations-visitor/25481865/threads/utk/954e988839e64799b29980c927c689c6?uuid=6a372d6d34ff41e29667a4c0513a0cf2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=cyjax.com&inApp53=false&messagesUtk=954e988839e64799b29980c927c689c6&url=https%3A%2F%2Fwww.cyjax.com%2F2022%2F11%2F14%2Ffangxiao-a-chinese-threat-actor%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Requested by
Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.236.181 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cb55961e39a7aca4ab4d918c2db2bcf64426466b58c08065ffb05f8b4ce982c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
false
age
2025
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
78f502571d1d34de-DUB
content-encoding
br
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.14337/html/index.html&cfRay=78f502571d1d34de&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fconversations-visitor%2F25481865%2Fthreads%2Futk%2F954e988839e64799b29980c927c689c6%3Fuuid%3D6a372d6d34ff41e29667a4c0513a0cf2%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dcyjax.com%26inApp53%3Dfalse%26messagesUtk%3D954e988839e64799b29980c927c689c6%26url%3Dhttps%253A%252F%252Fwww.cyjax.com%252F2022%252F11%252F14%252Ffangxiao-a-chinese-threat-actor%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=&cfenv=prod&pdt=2023-01-26&csp=ro
content-type
text/html; charset=utf-8
date
Thu, 26 Jan 2023 00:07:34 GMT
etag
W/"57868a89e679f9457a6d2018b6b01b6a"
last-modified
Tue, 24 Jan 2023 04:00:31 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints
default="https://exceptions.hubspot.com/csp/reports?cfRay=78f502571d1d34de&resource=conversations-visitor-ui/static-1.14337/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-id
QlgXHptQ6cYkOR0Ge6d5Yqy77Cd-aAJn1TxhYp890dq2Q14XBXsA-A==
x-amz-cf-pop
FRA56-C2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
3XfmiZbDiMVLNNEvarES70iHapZknvTX
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
7
x-evy-trace-listener
listener_https
x-evy-trace-route
nginx-catch-all
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6bdc87f4c5-pxdqq
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.14337/html/index.html
x-hs-worker-debug-mode
false
Aw_ARrbn.json
cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/config/
29 KB
6 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/config/Aw_ARrbn.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
277feff6e31d6994284ea4895a7ae301b9f0c8b814cdd2897933ad3767a32d5a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Jan 2023 00:37:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
215954
etag
W/"73b1-5f17981eef108"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2QXy0iQ0QUq0aG2zloTYouCvZIItRpldEDFZLHqQsAvcFOviZxX%2FuwFMOrpZ0J81WPPsH6GgKdjGKCx4C765j3guHK8mFEv5bVKZrkLpCu8tZ%2FiqLBUBTgAhlKMk1%2Fs3zSpyIHs7wh6Jrqu%2BaEv"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
78f5024fecb37306-LHR
Csy0G8TQ.json
cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/translations/
2 KB
1022 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/translations/Csy0G8TQ.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16a881274bfdd2dce4a634986c6ad6361c3a27ff2ff5fe3a08c939274a016cf5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Jan 2023 00:37:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
215953
etag
W/"6eb-5f17981ef00a8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXGR8e7zQ9F8aKdqsUgBl6cbgF0VaxLjow4ljgLgiPJoCcbelTWee89QkSQgh7DNZeaTkMywswhWzIHBY6GWxM3WdhDF8IkRji%2BQFJV7DwelYbRavgXxrOJppAGBFw%2BiCZXMETlEEQcCMuA%2FjxMi"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
78f502502cf17306-LHR
Ar0ZG-Ln.json
cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/audit-table/
6 KB
2 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/audit-table/Ar0ZG-Ln.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fbbae47e422a5f073d31ca8b9661413c4bec65d73baccc94f97cbcb00e00a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Jan 2023 00:37:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
215953
etag
W/"18e1-5f17981eef108"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieDxp5Gtg3rA6YayuOSN9yxiYD8N5FJLXP0yMD559wbfPYXF0OOrGp3js1LMn1mcG%2BV1DHgpOOZDP%2FnbL1b6EklJEtO1oKtMnMGAO%2BnoaGIO5aT3dRmeMEnAIUT%2B0DJCUQkKE2NYsLwE8U1QrBDp"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
78f502507d3a7306-LHR
close.svg
cdn-cookieyes.com/assets/images/
1 KB
990 B
Image
General
Full URL
https://cdn-cookieyes.com/assets/images/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:40:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
228928
etag
W/"541-5da3a66c769d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eb7wIDyuBYcaNXpDFD8PvRmafU3YoYFWRnlN0M7RS%2B0OJC0YWnC2kZb%2BrHiAZcUsMmYRR2HHPsZPFj%2FyyqNfS90GA1At5gKEClvQ694hZvVQAqob8fzfj%2F20ld9SApRCP7DBtdqk%2FZGratQWGRco"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
78f50250cc657735-LHR
poweredbtcky.svg
cdn-cookieyes.com/assets/images/
4 KB
2 KB
Image
General
Full URL
https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 00:07:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:41:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
167976
etag
W/"eb2-5da3a68c50d09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=684KuIW3qrc50rCD2huD9tojifnAV4Y3OszkpU7zHcNqcwVnqA5FxV%2F0kFIeewYS8YrKLoZdTwMmIBqq%2Bh5Nu3ZYrKk7BgPZhqefISvUSwAnjqXdAn3jOKWI6adHHVMnUfScKR4VnIMQz2O4%2Byj9"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
78f50250cc667735-LHR
log
log.cookieyes.com/api/v1/
2 B
152 B
Ping
General
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/275c30b519a9cb0dc574ce13/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.118.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-118-26.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryC5WBp4iBUwvtGBpc

Response headers

access-control-allow-origin
*
date
Thu, 26 Jan 2023 00:07:33 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700,700i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyjax.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 01:45:44 GMT
x-content-type-options
nosniff
age
166909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jan 2024 01:45:44 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700,700i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyjax.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 07:31:05 GMT
x-content-type-options
nosniff
age
59788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 07:31:05 GMT
bundle.production.js
static.hsappstatic.net/head-dlb/static-1.245/ Frame 1C05
0
0

visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14289/sass/ Frame 1C05
0
0

bundle.production.js
static.hsappstatic.net/hubspot-dlb/static-1.346/ Frame 1C05
0
0

visitor.js
static.hsappstatic.net/conversations-visitor-ui/static-1.14337/bundles/ Frame 1C05
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.hsappstatic.net
URL
https://static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js
Domain
static.hsappstatic.net
URL
https://static.hsappstatic.net/conversations-visitor-ui/static-1.14289/sass/visitor.css
Domain
static.hsappstatic.net
URL
https://static.hsappstatic.net/hubspot-dlb/static-1.346/bundle.production.js
Domain
static.hsappstatic.net
URL
https://static.hsappstatic.net/conversations-visitor-ui/static-1.14337/bundles/visitor.js

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| oncontentvisibilityautostatechange
object| cookieyes
string| em_version
boolean| em_track_user
string| em_no_track_reason
object| disableStrs
function| __gtagTrackerIsOptedOut
undefined| index
function| __gtagTrackerOptout
function| gaOptout
function| __gtagDataLayer
function| __gtagTracker
object| dataLayer
object| ExactMetricsDualTracker
function| gtag
function| __gaTracker
object| _wpemojiSettings
function| ExactMetrics
object| ExactMetricsObject
object| exactmetrics_frontend
undefined| $
function| jQuery
function| exactmetrics_forms_record_impression
function| exactmetrics_forms_has_class
function| exactmetrics_forms_record_conversion
function| exactmetrics_forms_load
function| exactmetrics_add_bloom_forms_ids
function| exactmetrics_find_parent_with_class
object| cyjaxObj
object| twemoji
object| wp
object| regeneratorRuntime
function| revisitCkyConsent
function| performBannerAction
object| _hsp
boolean| hubspot_live_messages_running
object| HubSpotConversations
object| _hsq
object| __hsCollectedFormsDebug
object| _paq
function| sanitizeKey
boolean| _hstc_loaded
boolean| _hspb_loaded
boolean| _hspb_ran
boolean| _hstc_ran
string| __hsUserToken
number| expireDateTime

2 Cookies

Domain/Path Name / Value
.cyjax.com/ Name: __hssrc
Value: 1
.www.cyjax.com/ Name: cookieyes-consent
Value: consentid:MjM4RDF3czhyQ0xYSnlCeDdjdThDT0Q5VmE2WTlHMEo,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hs-banner.com https://js-eu1.hs-analytics.net https://js-eu1.usemessages.com https://js-eu1.hscollectedforms.net https://js-eu1.hs-scripts.com https://cdn.syndication.twimg.com https://www.google-analytics.com https://ampcid.google.com https://www.googletagmanager.com https://platform.twitter.com https://cdn-cookieyes.com; img-src 'self' https://forms-eu1.hsforms.com https://cdn-cookieyes.com https://forms-eu1.hubspot.com https://track-eu1.hubspot.com https://ton.twimg.com https://platform.twitter.com https://abs.twimg.com https://pbs.twimg.com https://www.google-analytics.com https://secure.gravatar.com data: https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://ton.twimg.com https://platform.twitter.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app-eu1.hubspot.com/ https://syndication.twitter.com https://platform.twitter.com; object-src 'self'; connect-src https://forms-eu1.hubspot.com https://api-eu1.hubspot.com https://ampcid.google.com https://www.google-analytics.com https://www.cyjax.com https://log.cookieyes.com https://cdn-cookieyes.com https://directory.cookieyes.com https://consentlog.cookieyes.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
