www.redcanary.com Open in urlscan Pro
2a0b:4d07:101::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.virtualizationwebinars.com/l/y_QbIn_oKyDRKO1ZJ6bJp-sS6UEwq2l-wRSlqMyiz2c
Effective URL:
https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Submission: On February 04 via manual (February 4th 2019, 7:56:33 pm UTC) from US

Summary HTTP 48 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 48 HTTP transactions. The main IP is 2a0b:4d07:101::1, located in Germany and belongs to PROINITY PROINITY, DE. The main domain is www.redcanary.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 4th 2019. Valid for: 3 months.

This is the only time www.redcanary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.127.241.13 199.127.241.13	53797 (PINPOINTE-N1) (PINPOINTE-N1 - Pinpointe On-Demand)
29	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	143.204.214.53 143.204.214.53	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:ebcc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700::68... 2606:4700::6810:fa05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6810:fc05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
48	15

1 199.127.241.13 (Danville, United States) 1 redirects

ASN53797 (PINPOINTE-N1 - Pinpointe On-Demand, Inc., US)
PTR: na03.mypinpointe.com

link.virtualizationwebinars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a0b:4d07:101::1 (Germany)

ASN44239 (PROINITY PROINITY, DE)

www.redcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.53 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-53.fra53.r.cloudfront.net

vidassets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ebcc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:fa05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:fc05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	redcanary.com www.redcanary.com	1 MB
5	hubspot.com api.hubspot.com track.hubspot.com	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	hs-scripts.com js.hs-scripts.com	1 KB
2	terminus.services vidassets.terminus.services	2 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
1	hs-analytics.net js.hs-analytics.net	24 KB
1	usemessages.com js.usemessages.com	11 KB
1	hsforms.com forms.hsforms.com	2 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	hsforms.net js.hsforms.net	109 KB
1	virtualizationwebinars.com 1 redirects link.virtualizationwebinars.com	1018 B
48	14

	Domain	Requested by
29	www.redcanary.com	www.redcanary.com js.hsforms.net ajax.googleapis.com
3	track.hubspot.com
2	api.hubspot.com	js.usemessages.com www.redcanary.com
2	www.google-analytics.com	1 redirects www.redcanary.com
2	js.hs-scripts.com	www.redcanary.com js.hs-analytics.net
2	vidassets.terminus.services	www.redcanary.com
1	stats.g.doubleclick.net	www.redcanary.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	forms.hsforms.com	js.hsforms.net
1	fonts.gstatic.com	www.redcanary.com
1	cdnjs.cloudflare.com	www.redcanary.com
1	js.hsforms.net	www.redcanary.com
1	ajax.googleapis.com	www.redcanary.com
1	fonts.googleapis.com	www.redcanary.com
1	link.virtualizationwebinars.com	1 redirects
48	16

This site contains links to these domains. Also see Links.

Domain
resources.redcanary.com
twitter.com
github.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
www.redcanary.com Let's Encrypt Authority X3	`2019-01-04` - `2019-04-04`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-01-15` - `2019-04-09`	3 months	crt.sh
ssl766686.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-18` - `2019-07-27`	6 months	crt.sh
*.terminus.services Amazon	`2018-01-17` - `2019-02-17`	a year	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-25` - `2019-04-03`	6 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.google.com Google Internet Authority G3	`2019-01-15` - `2019-04-09`	3 months	crt.sh
ssl431287.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-05` - `2019-03-14`	6 months	crt.sh
ssl817703.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-25` - `2019-04-03`	6 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-12-19` - `2019-06-27`	6 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-01-15` - `2019-04-09`	3 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-01-04` - `2020-01-04`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-01-15` - `2019-04-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Frame ID: DFC0DCFAD8BE1EADD5E8423905DD16BB
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://link.virtualizationwebinars.com/l/y_QbIn_oKyDRKO1ZJ6bJp-sS6UEwq2l-wRSlqMyiz2c HTTP 302
https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
meta generator /WordPress( [\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
meta generator /WordPress( [\d.]+)?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^React$/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^requirejs$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

HubSpot (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

env /^(?:_hsq|hubspot)$/i

KeyCDN (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^keycdn-engine$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Piwik () Expand

Overall confidence: 100%
Detected patterns

env /^_paq$/i

Page Statistics

48
Requests

100 %
HTTPS

88 %
IPv6

14
Domains

16
Subdomains

15
IPs

3
Countries

1424 kB
Transfer

3101 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://resources.redcanary.com/hubfs/Case%20Studies/5Reasons-OutsourcingSecurity-CaseStudy.pdf
Title: READ MORE

Search URL Search Domain Scan URL

URL: https://resources.redcanary.com/hubfs/Datasheets/Endgame-Datasheet.pdf
Title: Endgame EPP

Search URL Search Domain Scan URL

URL: https://resources.redcanary.com/edr-buyers-guide-request
Title: READ MORE

Search URL Search Domain Scan URL

URL: https://twitter.com/redcanaryco
Title: @redcanaryco

Search URL Search Domain Scan URL

URL: https://github.com/redcanaryco
Title: github/redcanaryco

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/redcanary
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCulDoWwoy0vNvRwl2tVX3-w
Title: YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.virtualizationwebinars.com/l/y_QbIn_oKyDRKO1ZJ6bJp-sS6UEwq2l-wRSlqMyiz2c HTTP 302
https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=724963062&t=pageview&_s=1&dl=https%3A%2F%2Fwww.redcanary.com%2Flateral-movement%2F%3Futm_source%3DCarbonBlack%26utm_medium%3DEmail%26utm_term%3Dnone%26utm_content%3Dnone&ul=en-us&de=UTF-8&dt=ATT%26CK%20Deep%20Dive%3A%20Lateral%20Movement%20-%20Red%20Canary&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=59108177&gjid=908384573&cid=1583104466.1549310178&tid=UA-52702906-1&_gid=240699058.1549310178&_r=1&z=1217728630 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52702906-1&cid=1583104466.1549310178&jid=59108177&_gid=240699058.1549310178&gjid=908384573&_v=j73&z=1217728630

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.redcanary.com/lateral-movement/
Redirect Chain

https://link.virtualizationwebinars.com/l/y_QbIn_oKyDRKO1ZJ6bJp-sS6UEwq2l-wRSlqMyiz2c
https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

52 KB
8 KB

1068ms
990ms

Document
text/html

2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2461db4b83ebc9ba94577306c6d7ff105406413d443ac6ffb354557559c16a75

Request headers

:method: GET
:authority: www.redcanary.com
:scheme: https
:path: /lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: keycdn-engine
date: Mon, 04 Feb 2019 19:55:56 GMT
content-type: text/html; charset=UTF-8
content-length: 7966
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
expires: Mon, 04 Feb 2019 20:06:15 GMT
x-cache: MISS
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

Date: Mon, 04 Feb 2019 19:56:14 GMT
Server: Apache
X-Powered-By: PHP/5.6.37
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: IEMSESSIONID=4c2fc00cdffe00d5768decae07b5a615; path=/ PPVTOK=eyJuYTAzLm15cGlucG9pbnRlLmNvbSI6IjFzSEtuWEgzT25CUE9FUEU0NGlIRkdhWnFPdi01MDY0SWFHZ2o0Q1M5VTQifQ%3D%3D; expires=Wed, 05-Feb-2020 01:44:42 GMT; Max-Age=31556908; path=/; domain=virtualizationwebinars.com PPVTOK=eyJuYTAzLm15cGlucG9pbnRlLmNvbSI6InhJNDdQT3hBNjh4SGZTUWdQY2lFeUFFN050T3htQnZIRnZmWU9MeVVpMW8ifQ%3D%3D; expires=Wed, 05-Feb-2020 01:44:42 GMT; Max-Age=31556908; path=/; domain=virtualizationwebinars.com
Location: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Vary: User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 6bkco.css
www.redcanary.com/wp-content/cache/wpfc-minified/lwkvga5s/ 50 KB
9 KB 730ms
729ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/cache/wpfc-minified/lwkvga5s/6bkco.css
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 9e3c63ec96c13d135563cef4074ed4e75f613f6209a0e18d2368b5cc8d3d4238

Request headers

:path: /wp-content/cache/wpfc-minified/lwkvga5s/6bkco.css
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:57 GMT
content-encoding: gzip
status: 200
last-modified: Thu, 24 Jan 2019 22:02:28 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 8840
expires: max-age=2592000, public

GET
H2 200 6bkcn.css
www.redcanary.com/wp-content/cache/wpfc-minified/kwphjo9v/ 195 KB
33 KB 698ms
697ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/cache/wpfc-minified/kwphjo9v/6bkcn.css
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a5c15a4b52a341047ceedc9d622359018af27c689900cab99dd080a154cb6bca

Request headers

:path: /wp-content/cache/wpfc-minified/kwphjo9v/6bkcn.css
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:56 GMT
content-encoding: gzip
status: 200
last-modified: Thu, 24 Jan 2019 22:02:27 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 33809
expires: max-age=2592000, public

GET
H2 200 css
fonts.googleapis.com/ 5 KB
696 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:815::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400i

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

a4fcbca8e2e58c2ffbb602c924b2c79f4fac33703b8a2dd8b94a08c859302852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 04 Feb 2019 19:56:15 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 04 Feb 2019 19:56:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 04 Feb 2019 19:56:15 GMT

GET
H2 200 6bky8.css
www.redcanary.com/wp-content/cache/wpfc-minified/8id7mwq7/ 814 KB
87 KB 713ms
712ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/cache/wpfc-minified/8id7mwq7/6bky8.css
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 0367923a077d5a93888506cdb2cad5df5f04622e0bb1f738f9854ba02b734a3b

Request headers

:path: /wp-content/cache/wpfc-minified/8id7mwq7/6bky8.css
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:56 GMT
content-encoding: gzip
status: 200
last-modified: Thu, 24 Jan 2019 22:05:34 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
expires: max-age=2592000, public

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 30 Jan 2019 17:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439516
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 30399
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2018 15:33:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jan 2020 17:50:59 GMT

GET
H2 200 front.min.js Show response
www.redcanary.com/wp-content/plugins/cookie-notice/js/ 5 KB
1 KB 730ms
729ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/plugins/cookie-notice/js/front.min.js
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b82eefb6a4f332f80cf77897057def50d542447398557c6be322d86a3ebe613b

Request headers

:path: /wp-content/plugins/cookie-notice/js/front.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:57 GMT
content-encoding: gzip
status: 200
last-modified: Fri, 01 Feb 2019 13:42:01 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 1217
expires: max-age=2592000, public

GET
H2 200 cs-head.js Show response
www.redcanary.com/wp-content/plugins/cornerstone/assets/dist/js/site/ 24 KB
9 KB 729ms
728ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/plugins/cornerstone/assets/dist/js/site/cs-head.js
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 59b515a91b666c15c02470b7de491904868085917284a6ed62ff32f7a2307227

Request headers

:path: /wp-content/plugins/cornerstone/assets/dist/js/site/cs-head.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:56 GMT
content-encoding: gzip
status: 200
last-modified: Tue, 15 Jan 2019 11:16:13 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 8746
expires: max-age=2592000, public

GET
H2 200 header_logo1.png
www.redcanary.com/wp-content/uploads/ 12 KB
12 KB 730ms
730ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/header_logo1.png
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 07a4af7967da58c3d80165959d48df8526d9d3bc1557c4102cf5728e47e340e7

Request headers

:path: /wp-content/uploads/header_logo1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:57 GMT
last-modified: Tue, 03 Nov 2015 20:02:52 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 12124
expires: max-age=2592000, public

GET
H2 200 products-icon-1.png
www.redcanary.com/wp-content/uploads/ 4 KB
4 KB 729ms
729ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/products-icon-1.png
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a08a9ee0dfd3289c3fb73f2061cfd20c57f4360b5d10959870ed8f629c4c15d3

Request headers

:path: /wp-content/uploads/products-icon-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:57 GMT
last-modified: Sat, 14 Apr 2018 19:07:14 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 3771
expires: max-age=2592000, public

GET
H2 200 Exec-Icon.png
www.redcanary.com/wp-content/uploads/ 5 KB
5 KB 1096ms
1095ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/Exec-Icon.png
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a3c2a7372ee31f06865d4aa5724408bee35e35cf926a8852372440f643eb081d

Request headers

:path: /wp-content/uploads/Exec-Icon.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Wed, 05 Sep 2018 16:21:26 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 4633
expires: max-age=2592000, public

GET
H2 200 products-icon-2.png
www.redcanary.com/wp-content/uploads/ 3 KB
3 KB 1081ms
1080ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/products-icon-2.png
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e4554d9d4fafe8778ea731096a74e71c622c5f132ec7ee7ea3b044acd1ddbcb8

Request headers

:path: /wp-content/uploads/products-icon-2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Sat, 14 Apr 2018 19:07:52 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 2833
expires: max-age=2592000, public

GET
H2 200 Solutions-Outsource440.png
www.redcanary.com/wp-content/uploads/ 50 KB
50 KB 1081ms
1080ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/Solutions-Outsource440.png
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: fd80e50f5b108ae2f3633871da65e3b622a75142f0946ebc19007fbe9f3f0667

Request headers

:path: /wp-content/uploads/Solutions-Outsource440.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Sat, 14 Apr 2018 19:10:56 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 51264
expires: max-age=2592000, public

GET
H2 200 EDR_Buyers_Guide.png
www.redcanary.com/wp-content/uploads/ 203 KB
204 KB 1055ms
1054ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/EDR_Buyers_Guide.png
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b0dadfe731d533cc40da26f9151bcca69a1bf0f9a916a42b7a73fcb0694cc81b

Request headers

:path: /wp-content/uploads/EDR_Buyers_Guide.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Sat, 14 Apr 2018 19:13:43 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 208158
expires: max-age=2592000, public

GET
H2 200 Header-Image.png
www.redcanary.com/wp-content/uploads/ 88 KB
88 KB 1097ms
1096ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/Header-Image.png
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c746baf3f58762c26b451fd0a803c33ad7d2f3a7a5bc5cdaf9a047685a6b8c7c

Request headers

:path: /wp-content/uploads/Header-Image.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Tue, 15 Jan 2019 16:41:20 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 89803
expires: max-age=2592000, public

GET
H2 200 Header-Logos.png
www.redcanary.com/wp-content/uploads/ 10 KB
10 KB 1103ms
1102ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/Header-Logos.png
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b51af9206ca85cd33bac0131f24d35165cea40d61465337d90f4c7dc09157d4f

Request headers

:path: /wp-content/uploads/Header-Logos.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Thu, 17 Jan 2019 17:49:58 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 9737
expires: max-age=2592000, public

GET
H2 200 Speakers-2-1.png
www.redcanary.com/wp-content/uploads/ 259 KB
259 KB 1103ms
1102ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/Speakers-2-1.png
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 85cf29fca28cbe90a4910cdf727fa0e32cdd949b514a28384afc669ded177fb5

Request headers

:path: /wp-content/uploads/Speakers-2-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Mon, 21 Jan 2019 23:38:38 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 264796
expires: max-age=2592000, public

GET
H2 200 phil-3.jpg
www.redcanary.com/wp-content/uploads/ 39 KB
39 KB 1087ms
1086ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/phil-3.jpg
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e15725d1b3d9d96ac05f2600db5eee00f1c21265abda67dbc1a690e2f9a27699

Request headers

:path: /wp-content/uploads/phil-3.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Mon, 21 Jan 2019 23:38:10 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 39835
expires: max-age=2592000, public

GET
H2 200 shell.js Show response
js.hsforms.net/forms/ 382 KB
109 KB 157ms
123ms Script
application/javascript 2606:4700::6811:b749
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/shell.js

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2fe63f7d028c030752f939de802265505ac85816a25b08c9de72dab152c45fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:56:16 GMT
via: 1.1 4c6a785c53783dabd0a60dd4fd841146.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Jan 2019 04:17:56 GMT
server: cloudflare
etag: W/"cefd44db6720a1750d4a64b84d91ffee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: DmFU3mBaDiLSpcgol2GZzmwXAjCfaiHE
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 4a3fb31b8eea233c-FRA
x-amz-cf-id: WGqwy_b9hPprM8QrEJpfXCm8vbnCK87AFAt-NgE2lVTuvTIqBm_dzQ==

GET
H2 200 t.js Show response
vidassets.terminus.services/69073ede-c166-43e2-9f42-e294ce366f17/ 3 KB
2 KB 72ms
26ms Script
application/javascript 143.204.214.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://vidassets.terminus.services/69073ede-c166-43e2-9f42-e294ce366f17/t.js

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.53 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-53.fra53.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

852d6ef7e1f541e29805a611f49b52f6ecb7a47679e966c9264db3c177234ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 02 Feb 2019 10:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: Hit from cloudfront
status: 200
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
last-modified: Thu, 27 Sep 2018 20:34:17 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: _MXxV1_JQNX5Wpd0T0SlG0viiNg57Z8ZZKBYVLrYYQtyIa_jcQdHiQ==

GET
H2 200 1860440.js Show response
js.hs-scripts.com/ 810 B
699 B 11ms
10ms Script
application/javascript 2606:4700::6811:d3cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/1860440.js?integration=wordpress
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c93b23a2c30c3c6034a855de4f8a16c2b9edba4b9ed33795efb5ad34f56542

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:56:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=1007
status: 200
access-control-max-age: 3600
cf-bgj: minify
server: cloudflare
x-trace: 2BD2E0F6739FE2EDB940217840BB3816AEC9036C47000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.redcanary.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 4a3fb31bbf0763a3-FRA
expires: Mon, 04 Feb 2019 19:57:16 GMT

GET
H2 200 cs-body.js Show response
www.redcanary.com/wp-content/plugins/cornerstone/assets/dist/js/site/ 154 KB
44 KB 1082ms
1080ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/plugins/cornerstone/assets/dist/js/site/cs-body.js
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a717e804361113e44d4e081caef749a01c44cbd57703cb323cdcddbcaa26641f

Request headers

:path: /wp-content/plugins/cornerstone/assets/dist/js/site/cs-body.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
content-encoding: gzip
status: 200
last-modified: Tue, 15 Jan 2019 11:16:13 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 44570
expires: max-age=2592000, public

GET
H2 200 x.js Show response
www.redcanary.com/wp-content/themes/x/framework/dist/js/site/ 61 KB
17 KB 1035ms
1033ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/themes/x/framework/dist/js/site/x.js
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 651829a96ee6fe3f297753bd21ef556c463c091a0871d5b3fea1cf53fd5bf686

Request headers

:path: /wp-content/themes/x/framework/dist/js/site/x.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
content-encoding: gzip
status: 200
last-modified: Tue, 15 Jan 2019 11:19:14 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 16983
expires: max-age=2592000, public

GET
H2 200 comment-reply.min.js Show response
www.redcanary.com/wp-includes/js/ 1 KB
897 B 1082ms
1080ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-includes/js/comment-reply.min.js
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

:path: /wp-includes/js/comment-reply.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
content-encoding: gzip
status: 200
last-modified: Thu, 10 Dec 2015 03:57:43 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 589
expires: max-age=2592000, public

GET
H2 200 megamenu.js Show response
www.redcanary.com/wp-content/themes/x-child/ 5 KB
1 KB 1050ms
1049ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/themes/x-child/megamenu.js
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 18a259db9fc33fc42f6db1e940b0a7d56b38af9ac739084bb6622c4c550f49a0

Request headers

:path: /wp-content/themes/x-child/megamenu.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
content-encoding: gzip
status: 200
last-modified: Thu, 17 May 2018 20:18:31 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 812
expires: max-age=2592000, public

GET
H2 200 jquery.matchHeight-min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/ 3 KB
1 KB 15ms
13ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/jquery.matchHeight-min.js

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:56:16 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:20:13 GMT
server: cloudflare
etag: W/"5afd494d-d34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 25 Jan 2020 19:56:16 GMT
cache-control: public, max-age=30672000
cf-ray: 4a3fb31bbe679abe-FRA
served-in-seconds: 0.000

GET
H2 200 scripts-5085a165cf.min.js Show response
www.redcanary.com/wp-content/themes/x-child/assets/build/ 104 KB
29 KB 1040ms
1038ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/themes/x-child/assets/build/scripts-5085a165cf.min.js
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 9db9c75020dd1206e1b4237c31397e8a2bb9b5a9ec03bcc05742b9cbebf52416

Request headers

:path: /wp-content/themes/x-child/assets/build/scripts-5085a165cf.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
content-encoding: gzip
status: 200
last-modified: Mon, 07 May 2018 19:47:24 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 29392
expires: max-age=2592000, public

GET
H2 200 wp-embed.min.js Show response
www.redcanary.com/wp-includes/js/ 1 KB
1 KB 1088ms
1086ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-includes/js/wp-embed.min.js
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

:path: /wp-includes/js/wp-embed.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
content-encoding: gzip
status: 200
last-modified: Sun, 09 Dec 2018 08:21:15 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 753
expires: max-age=2592000, public

GET
H2 200 Light-Grey-1520x600.jpg
www.redcanary.com/wp-content/uploads/ 12 KB
12 KB 1089ms
1089ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/Light-Grey-1520x600.jpg
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 68483ab3fe4490678f20a0ac8e6d2f703457d80e89da6f5a4d5770b2224a041e

Request headers

:path: /wp-content/uploads/Light-Grey-1520x600.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Mon, 14 Jan 2019 20:19:11 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 11817
expires: max-age=2592000, public

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400i
Origin: https://www.redcanary.com

Response headers

date: Fri, 25 Jan 2019 14:59:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:48 GMT
server: sffe
age: 881829
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12960
x-xss-protection: 1; mode=block
expires: Sat, 25 Jan 2020 14:59:07 GMT

GET
H2 200 a73829e3-2ff0-48d9-a73f-8c9b4300ce1a Show response
forms.hsforms.com/embed/v3/form/1860440/ 17 KB
2 KB 163ms
124ms Script
application/javascript 2606:4700::6810:5705
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/1860440/a73829e3-2ff0-48d9-a73f-8c9b4300ce1a?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0ea1d10d94180ca9b96b0ed98fc4bcfb11b8044da58a78865e077d93dfae982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=no-rfd.txt
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2032
server: cloudflare
x-trace: 2B7421303AA33E707DE784AE1251294E7F4117D925000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 4a3fb31d0c4d96f4-FRA

GET
H2 200 t.gif
vidassets.terminus.services/69073ede-c166-43e2-9f42-e294ce366f17/ 42 B
666 B 23ms
23ms Image
image/gif 143.204.214.53
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vidassets.terminus.services/69073ede-c166-43e2-9f42-e294ce366f17/t.gif?d=35138a0a-2e17-4026-b754-01bbb79a351c&s=29667d88-958d-4e35-93f4-f8003a15824f&cb=1549310176772

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.53 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-53.fra53.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 02 Feb 2019 16:55:13 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 27 Sep 2018 20:34:07 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
status: 200
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-cache: Hit from cloudfront
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
content-length: 42
x-amz-cf-id: b8ZWdNhEW4liDXzaOPyF66a9p04VXC-2cN03v42OZXUVQyjBvG3Ykw==

GET
H2 200 fa-solid-900.woff2
www.redcanary.com/wp-content/themes/x/framework/fonts/font_awesome/ 90 KB
90 KB 913ms
912ms Font
application/font-woff2 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redcanary.com/wp-content/themes/x/framework/fonts/font_awesome/fa-solid-900.woff2
Requested by: Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3

Request headers

:path: /wp-content/themes/x/framework/fonts/font_awesome/fa-solid-900.woff2
pragma: no-cache
cookie: d-a8e6=35138a0a-2e17-4026-b754-01bbb79a351c; s-9da4=29667d88-958d-4e35-93f4-f8003a15824f
origin: https://www.redcanary.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/wp-content/cache/wpfc-minified/kwphjo9v/6bkcn.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.redcanary.com/wp-content/cache/wpfc-minified/kwphjo9v/6bkcn.css
Origin: https://www.redcanary.com

Response headers

date: Mon, 04 Feb 2019 19:55:58 GMT
last-modified: Tue, 15 Jan 2019 11:19:14 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 91792
expires: max-age=2592000, public

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 45 KB
11 KB 186ms
185ms Script
application/javascript 2606:4700::6811:ebcc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1860440.js?integration=wordpress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d366d473a418f82705e4b6274fd86c6b169dd3f0f1dda782c16fa1a02e2f30

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:56:16 GMT
via: 1.1 936f33bed45438343f0ef2adff442815.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
x-amz-version-id: YjtkDizUp06HjYjNM_grdBXtc4yat4J_
last-modified: Mon, 04 Feb 2019 03:29:51 GMT
server: cloudflare
etag: W/"0ac080f4e3e373d27475cc5d0e5c6db0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
cf-ray: 4a3fb31cfeaa64c9-FRA
x-amz-cf-id: D_36Ev6ErUoNSiX8p-ml7kgtZtCyplzGrLF-AvaVDogaLJlnW32jig==

GET
H2 200 1860440.js Show response
js.hs-analytics.net/analytics/1549310100000/ 72 KB
24 KB 145ms
145ms Script
text/javascript 2606:4700::6811:45b0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1549310100000/1860440.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1860440.js?integration=wordpress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c11885fad346a007e8c08d3ac797bb6876b7125ebed0515816bc9fff3d88df

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:56:16 GMT
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 4AE6040A8C1343C6
status: 200
content-type: text/javascript
content-length: 24682
x-amz-id-2: Un3hajFUkIikvnSK/rX69pSHuQ+I/iEE+fQnZlo0I0Pdam2Y3mfwSpnQ946sIfJ5BqODEWsiji8=
last-modified: Fri, 07 Dec 2018 18:35:16 GMT
server: cloudflare
etag: W/"da3ebcfc9f8860566f8600e34f0db6dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 4a3fb31cfd61c2c9-FRA
expires: Mon, 04 Feb 2019 20:01:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 430
date: Mon, 04 Feb 2019 19:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Mon, 04 Feb 2019 21:49:07 GMT

GET
H2 200 chevron-down.svg
www.redcanary.com/wp-content/themes/x-child/assets/img/ 1 KB
828 B 982ms
981ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/themes/x-child/assets/img/chevron-down.svg
Requested by: Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e3f36635221f1124a500c7c4c0d113c08ff7ac3b27dfa1cc6025bdf610cca579

Request headers

:path: /wp-content/themes/x-child/assets/img/chevron-down.svg
pragma: no-cache
cookie: d-a8e6=35138a0a-2e17-4026-b754-01bbb79a351c; s-9da4=29667d88-958d-4e35-93f4-f8003a15824f
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/wp-content/cache/wpfc-minified/8id7mwq7/6bky8.css
:scheme: https
:method: GET
Referer: https://www.redcanary.com/wp-content/cache/wpfc-minified/8id7mwq7/6bky8.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:59 GMT
content-encoding: gzip
status: 200
last-modified: Fri, 20 Apr 2018 02:33:21 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: REVALIDATED
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 525
expires: max-age=2592000, public

OPTIONS
H2 204 public Show response
api.hubspot.com/livechat/v1/message/ 0
245 B 112ms
112ms XHR
text/plain 2606:4700::6810:fa05
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat/v1/message/public?portalId=1860440&conversations-embed=static-1.1807&mobile=false&messagesUtk=5d633e8b13f540ab900f2990646d6de7

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method: GET
Origin: https://www.redcanary.com
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: x-hubspot-messages-uri

Response headers

date: Mon, 04 Feb 2019 19:56:17 GMT
server: cloudflare
access-control-allow-origin: https://www.redcanary.com
x-trace: 2BD5AABCAFDDAFBA11674CB08CEDA012FE3038B00E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: OPTIONS,HEAD,GET
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
status: 204
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4a3fb322efaebeb7-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 megamenu-products.png
www.redcanary.com/wp-content/uploads/ 52 KB
53 KB 981ms
981ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/megamenu-products.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ed147c770e6b75dadb5605b2dfb4002ebfbf67e89d58f79085ed6246f170f003

Request headers

:path: /wp-content/uploads/megamenu-products.png
pragma: no-cache
cookie: d-a8e6=35138a0a-2e17-4026-b754-01bbb79a351c; s-9da4=29667d88-958d-4e35-93f4-f8003a15824f
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:59 GMT
last-modified: Tue, 07 Aug 2018 15:23:06 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 53593
expires: max-age=2592000, public

GET
H2 200 megamenu-solutions.png
www.redcanary.com/wp-content/uploads/ 24 KB
24 KB 952ms
952ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/megamenu-solutions.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 55c8f08c254866d06d1efaf867dd6bff292c97a3bc915df9c71bd546afd64471

Request headers

:path: /wp-content/uploads/megamenu-solutions.png
pragma: no-cache
cookie: d-a8e6=35138a0a-2e17-4026-b754-01bbb79a351c; s-9da4=29667d88-958d-4e35-93f4-f8003a15824f
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:59 GMT
last-modified: Tue, 07 Aug 2018 15:22:13 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 24263
expires: max-age=2592000, public

GET
H2 200 megamenu-resources.png
www.redcanary.com/wp-content/uploads/ 72 KB
72 KB 953ms
953ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/megamenu-resources.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 31340bff3dd5ad1a984f06f364f22e7350f945a19e386b074d52baae2aafb4cb

Request headers

:path: /wp-content/uploads/megamenu-resources.png
pragma: no-cache
cookie: d-a8e6=35138a0a-2e17-4026-b754-01bbb79a351c; s-9da4=29667d88-958d-4e35-93f4-f8003a15824f
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:59 GMT
last-modified: Tue, 07 Aug 2018 15:20:46 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 73775
expires: max-age=2592000, public

GET
H2 200 megamenu-company.png
www.redcanary.com/wp-content/uploads/ 44 KB
44 KB 935ms
935ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redcanary.com/wp-content/uploads/megamenu-company.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c7cd1e71933602b0a3556dc98c221b3e9cec1a8f11a1c538101b513cde77ad73

Request headers

:path: /wp-content/uploads/megamenu-company.png
pragma: no-cache
cookie: d-a8e6=35138a0a-2e17-4026-b754-01bbb79a351c; s-9da4=29667d88-958d-4e35-93f4-f8003a15824f
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.redcanary.com
referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
:scheme: https
:method: GET
Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:55:59 GMT
last-modified: Tue, 07 Aug 2018 15:18:41 GMT
server: keycdn-engine
x-edge-location: defr
status: 200
x-cache: REVALIDATED
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=604800
accept-ranges: bytes
content-length: 44804
expires: max-age=2592000, public

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=724963062&t=pageview&_s=1&dl=https%3A%2F%2Fwww.redcanary.com%2Flateral-movement%2F%3Futm_source%3DCarbonBlack%26utm_medium%3DEmail%26utm_term...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52702906-1&cid=1583104466.1549310178&jid=59108177&_gid=240699058.1549310178&gjid=908384573&_v=j73&z=1217728630

35 B
102 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c0a::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52702906-1&cid=1583104466.1549310178&jid=59108177&_gid=240699058.1549310178&gjid=908384573&_v=j73&z=1217728630

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c0a::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 04 Feb 2019 19:56:17 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Feb 2019 19:56:17 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52702906-1&cid=1583104466.1549310178&jid=59108177&_gid=240699058.1549310178&gjid=908384573&_v=j73&z=1217728630
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 416
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat/v1/message/ 306 B
359 B 192ms
192ms XHR
application/json 2606:4700::6810:fa05
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat/v1/message/public?portalId=1860440&conversations-embed=static-1.1807&mobile=false&messagesUtk=5d633e8b13f540ab900f2990646d6de7

Requested by

Host: www.redcanary.com
URL: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eacd2b1738cca03d52449ed64ef122b2aff5d5d43df947f1c22fc1fef6223a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
Origin: https://www.redcanary.com
X-HubSpot-Messages-Uri: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:56:18 GMT
content-encoding: br
status: 200
server: cloudflare
x-trace: 2BE95BBE7E69B53282A4AD870629E1476FBF1F2B6B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.redcanary.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4a3fb323a8c3beb7-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 1860440.js Show response
js.hs-scripts.com/ 810 B
545 B 9ms
9ms Script
application/javascript 2606:4700::6811:d3cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/1860440.js
Requested by: Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1549310100000/1860440.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8725bb93cd2d9cb98eb9a598faf3549025e02c028b82b7deb9d8e31347b40895

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 19:56:18 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=1007
status: 200
access-control-max-age: 3600
cf-bgj: minify
server: cloudflare
x-trace: 2BD81F4FD6885EC945E37D31BBD567CA16CE1709D7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.redcanary.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 4a3fb3294e2e63a3-FRA
expires: Mon, 04 Feb 2019 19:57:18 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
103 B 21ms
21ms Image
image/gif 2606:4700::6810:fc05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=1860440&ct=standard-page&pu=https%3A%2F%2Fwww.redcanary.com%2Flateral-movement%2F%3Futm_source%3DCarbonBlack%26utm_medium%3DEmail%26utm_term%3Dnone%26utm_content%3Dnone&t=ATT%26CK+Deep+Dive%3A+Lateral+Movement+-+Red+Canary&cts=1549310178764&vi=8c2eb5ce90587ad7e973338a050fba72&nc=true&u=188883380.8c2eb5ce90587ad7e973338a050fba72.1549310178761.1549310178761.1549310178761.1&b=188883380.1.1549310178761

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4a3fb3294873641b-FRA
date: Mon, 04 Feb 2019 19:56:18 GMT
via: 1.1 google
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none
alt-svc: clear

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
221 B 15ms
14ms Image
image/gif 2606:4700::6810:fc05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=a73829e3-2ff0-48d9-a73f-8c9b4300ce1a&fci=ed00894e-ef1b-44fa-a029-b6ef73460ce0&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=1860440&ct=standard-page&pu=https%3A%2F%2Fwww.redcanary.com%2Flateral-movement%2F%3Futm_source%3DCarbonBlack%26utm_medium%3DEmail%26utm_term%3Dnone%26utm_content%3Dnone&t=ATT%26CK+Deep+Dive%3A+Lateral+Movement+-+Red+Canary&cts=1549310178767&vi=8c2eb5ce90587ad7e973338a050fba72&nc=true&u=188883380.8c2eb5ce90587ad7e973338a050fba72.1549310178761.1549310178761.1549310178761.1&b=188883380.1.1549310178761

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4a3fb3294874641b-FRA
date: Mon, 04 Feb 2019 19:56:18 GMT
via: 1.1 google
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none
alt-svc: clear

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
103 B 24ms
23ms Image
image/gif 2606:4700::6810:fc05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=a73829e3-2ff0-48d9-a73f-8c9b4300ce1a&fci=ed00894e-ef1b-44fa-a029-b6ef73460ce0&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=1860440&ct=standard-page&pu=https%3A%2F%2Fwww.redcanary.com%2Flateral-movement%2F%3Futm_source%3DCarbonBlack%26utm_medium%3DEmail%26utm_term%3Dnone%26utm_content%3Dnone&t=ATT%26CK+Deep+Dive%3A+Lateral+Movement+-+Red+Canary&cts=1549310178768&vi=8c2eb5ce90587ad7e973338a050fba72&nc=true&u=188883380.8c2eb5ce90587ad7e973338a050fba72.1549310178761.1549310178761.1549310178761.1&b=188883380.1.1549310178761

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.redcanary.com/lateral-movement/?utm_source=CarbonBlack&utm_medium=Email&utm_term=none&utm_content=none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4a3fb3294875641b-FRA
date: Mon, 04 Feb 2019 19:56:18 GMT
via: 1.1 google
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redcanary.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.redcanary.com/	1970-01-19 07:43:26	Name: __hstc Value: 188883380.8c2eb5ce90587ad7e973338a050fba72.1549310178761.1549310178761.1549310178761.1
www.redcanary.com/	1970-01-18 23:05:02	Name: d-a8e6 Value: 35138a0a-2e17-4026-b754-01bbb79a351c
.redcanary.com/	1970-01-18 22:23:16	Name: _gid Value: GA1.2.240699058.1549310178
.redcanary.com/	1970-01-18 22:21:51	Name: __hssc Value: 188883380.1.1549310178761
.redcanary.com/	1970-01-19 15:53:02	Name: _ga Value: GA1.2.1583104466.1549310178
www.redcanary.com/	1970-01-18 22:21:51	Name: s-9da4 Value: 29667d88-958d-4e35-93f4-f8003a15824f
.redcanary.com/	1970-01-19 07:43:26	Name: hubspotutk Value: 8c2eb5ce90587ad7e973338a050fba72
.redcanary.com/	1970-01-18 22:21:50	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.hubspot.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
js.hs-analytics.net
js.hs-scripts.com
js.hsforms.net
js.usemessages.com
link.virtualizationwebinars.com
stats.g.doubleclick.net
track.hubspot.com
vidassets.terminus.services
www.google-analytics.com
www.redcanary.com
143.204.214.53
199.127.241.13
2606:4700::6810:5705
2606:4700::6810:fa05
2606:4700::6810:fc05
2606:4700::6811:45b0
2606:4700::6811:b749
2606:4700::6811:d3cc
2606:4700::6811:ebcc
2606:4700::6813:c597
2a00:1450:4001:806::200a
2a00:1450:4001:815::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200e
2a00:1450:400c:c0a::9c
2a0b:4d07:101::1
0367923a077d5a93888506cdb2cad5df5f04622e0bb1f738f9854ba02b734a3b
07a4af7967da58c3d80165959d48df8526d9d3bc1557c4102cf5728e47e340e7
13c11885fad346a007e8c08d3ac797bb6876b7125ebed0515816bc9fff3d88df
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18a259db9fc33fc42f6db1e940b0a7d56b38af9ac739084bb6622c4c550f49a0
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2461db4b83ebc9ba94577306c6d7ff105406413d443ac6ffb354557559c16a75
31340bff3dd5ad1a984f06f364f22e7350f945a19e386b074d52baae2aafb4cb
37c93b23a2c30c3c6034a855de4f8a16c2b9edba4b9ed33795efb5ad34f56542
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
55c8f08c254866d06d1efaf867dd6bff292c97a3bc915df9c71bd546afd64471
59b515a91b666c15c02470b7de491904868085917284a6ed62ff32f7a2307227
651829a96ee6fe3f297753bd21ef556c463c091a0871d5b3fea1cf53fd5bf686
68483ab3fe4490678f20a0ac8e6d2f703457d80e89da6f5a4d5770b2224a041e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852d6ef7e1f541e29805a611f49b52f6ecb7a47679e966c9264db3c177234ba6
85cf29fca28cbe90a4910cdf727fa0e32cdd949b514a28384afc669ded177fb5
8725bb93cd2d9cb98eb9a598faf3549025e02c028b82b7deb9d8e31347b40895
9db9c75020dd1206e1b4237c31397e8a2bb9b5a9ec03bcc05742b9cbebf52416
9e3c63ec96c13d135563cef4074ed4e75f613f6209a0e18d2368b5cc8d3d4238
a08a9ee0dfd3289c3fb73f2061cfd20c57f4360b5d10959870ed8f629c4c15d3
a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3
a2fe63f7d028c030752f939de802265505ac85816a25b08c9de72dab152c45fc
a3c2a7372ee31f06865d4aa5724408bee35e35cf926a8852372440f643eb081d
a4fcbca8e2e58c2ffbb602c924b2c79f4fac33703b8a2dd8b94a08c859302852
a5c15a4b52a341047ceedc9d622359018af27c689900cab99dd080a154cb6bca
a717e804361113e44d4e081caef749a01c44cbd57703cb323cdcddbcaa26641f
b0dadfe731d533cc40da26f9151bcca69a1bf0f9a916a42b7a73fcb0694cc81b
b51af9206ca85cd33bac0131f24d35165cea40d61465337d90f4c7dc09157d4f
b82eefb6a4f332f80cf77897057def50d542447398557c6be322d86a3ebe613b
c746baf3f58762c26b451fd0a803c33ad7d2f3a7a5bc5cdaf9a047685a6b8c7c
c7cd1e71933602b0a3556dc98c221b3e9cec1a8f11a1c538101b513cde77ad73
c8d366d473a418f82705e4b6274fd86c6b169dd3f0f1dda782c16fa1a02e2f30
d0ea1d10d94180ca9b96b0ed98fc4bcfb11b8044da58a78865e077d93dfae982
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e15725d1b3d9d96ac05f2600db5eee00f1c21265abda67dbc1a690e2f9a27699
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f36635221f1124a500c7c4c0d113c08ff7ac3b27dfa1cc6025bdf610cca579
e4554d9d4fafe8778ea731096a74e71c622c5f132ec7ee7ea3b044acd1ddbcb8
eacd2b1738cca03d52449ed64ef122b2aff5d5d43df947f1c22fc1fef6223a72
ed147c770e6b75dadb5605b2dfb4002ebfbf67e89d58f79085ed6246f170f003
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fd80e50f5b108ae2f3633871da65e3b622a75142f0946ebc19007fbe9f3f0667

www.redcanary.com Open in urlscan Pro 2a0b:4d07:101::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

88 %IPv6

14 Domains

16 Subdomains

15 IPs

3 Countries

1424 kBTransfer

3101 kBSize

9 Cookies

7 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.redcanary.com Open in urlscan Pro
2a0b:4d07:101::1 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

88 %
IPv6

14
Domains

16
Subdomains

15
IPs

3
Countries

1424 kB
Transfer

3101 kB
Size

9
Cookies

48 HTTP transactions
0 data transactions