yoroi.company Open in urlscan Pro
2606:4700:3035::681f:45d6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Submission: On June 07 via api (June 7th 2020, 9:21:02 pm UTC) from US

Summary HTTP 61 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3035::681f:45d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is yoroi.company.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 6th 2020. Valid for: 7 months.

This is the only time yoroi.company was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:303... 2606:4700:3035::681f:45d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
61	9

37 2606:4700:3035::681f:45d6 (United States)

ASN13335 (CLOUDFLARENET, US)

yoroi.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	yoroi.company yoroi.company	271 KB
15	googleusercontent.com lh3.googleusercontent.com lh5.googleusercontent.com lh6.googleusercontent.com lh4.googleusercontent.com	1 MB
2	gstatic.com www.gstatic.com fonts.gstatic.com	166 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	google.com www.google.com	602 B
2	jsdelivr.net cdn.jsdelivr.net	9 KB
1	doubleclick.net stats.g.doubleclick.net	99 B
1	googleapis.com fonts.googleapis.com	657 B
61	8

	Domain	Requested by
37	yoroi.company	yoroi.company
6	lh5.googleusercontent.com	yoroi.company
4	lh6.googleusercontent.com	yoroi.company
4	lh3.googleusercontent.com	yoroi.company
2	www.google-analytics.com	1 redirects yoroi.company
2	www.google.com	yoroi.company www.gstatic.com
2	cdn.jsdelivr.net	yoroi.company
1	stats.g.doubleclick.net	yoroi.company
1	fonts.gstatic.com	yoroi.company
1	www.gstatic.com	www.google.com
1	lh4.googleusercontent.com	yoroi.company
1	fonts.googleapis.com	yoroi.company
61	12

This site contains links to these domains. Also see Links.

Domain
unit42.paloaltonetworks.com
maps.google.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-06` - `2020-10-09`	7 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-16` - `2021-04-17`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Frame ID: 1D12CD6FEF561819629FD1FF0D70291D
Requests: 60 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&co=aHR0cHM6Ly95b3JvaS5jb21wYW55OjQ0Mw..&hl=en&v=ADnAC3ZykfbIOflWgrKNsVVT&size=invisible&cb=g0zpe98sgacw
Frame ID: C46E8726676BC86BC4DF5AD710C5479E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

61
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

12
Subdomains

9
IPs

4
Countries

1850 kB
Transfer

3011 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://unit42.paloaltonetworks.com/aggah-campaign-bit-ly-blogspot-and-pastebin-used-for-c2-in-large-scale-campaign/
Title: PaloAlto’s UNIT42

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=Via%20Giovanni%20Battista%20Martini%206,%20Roma%20RM,%2000198
Title: Via Giovanni Battista Martini 6, Roma RM, 00198

Search URL Search Domain Scan URL

URL: https://www.facebook.com/weareyoroi/

Search URL Search Domain Scan URL

URL: https://twitter.com/yoroisecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/yoroi/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCb3woWzGtRO8tYHHpje3AMA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=1377731450&t=pageview&_s=1&dl=https%3A%2F%2Fyoroi.company%2Fresearch%2Fcyber-criminal-espionage-operation-insists-on-italian-manufacturing%2F&ul=en-us&de=UTF-8&dt=Cyber-Criminal%20espionage%20Operation%20insists%20on%20Italian%20Manufacturing%20-%20Yoroi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUAB~&jid=300627975&gjid=482939582&cid=554160342.1591564838&tid=UA-54504571-1&_gid=1314980163.1591564838&_r=1&z=1544582201 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54504571-1&cid=554160342.1591564838&jid=300627975&_gid=1314980163.1591564838&gjid=482939582&_v=j82&z=1544582201

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/ 168 KB
30 KB 922ms
891ms Document
text/html 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a40d3fa5887da17647fad5c70a1b4145ba5b9692b9f10aadd1ac725d4a4f10

Request headers

:method: GET
:authority: yoroi.company
:scheme: https
:path: /research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 07 Jun 2020 21:20:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dba313c917ef0db13cde4e4ef7c2b38821591564835; expires=Tue, 07-Jul-20 21:20:35 GMT; path=/; domain=.yoroi.company; HttpOnly; SameSite=Lax
vary: Accept-Encoding Cookie
host-header: WordPress.com
x-pingback: https://yoroi.company/xmlrpc.php
link: <https://yoroi.company/wp-json/>; rel="https://api.w.org/" <https://yoroi.company/?p=4618>; rel=shortlink
x-ac: 2.fra _atomic_dca
cf-cache-status: DYNAMIC
cf-request-id: 03324131a8000096aa6ba99200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59fd6afc4f9796aa-FRA
content-encoding: br

GET
H2 200 dashicons.min.css
yoroi.company/wp-includes/css/ 46 KB
28 KB 20ms
16ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-includes/css/dashicons.min.css?ver=5.4.1
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 174140
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baeb200000001
last-modified: Wed, 15 May 2019 16:08:57 GMT
server: cloudflare
etag: W/"5cdc3999-b9c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbb596aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 elusive.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/ 12 KB
2 KB 18ms
15ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/elusive.min.css?ver=2.0
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf390024b9fb02ae1756d257499f568393acc60c76ae6b13ce986a46f396e34

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 172844
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baec200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-31f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbb696aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/ 28 KB
6 KB 23ms
20ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/font-awesome.min.css?ver=4.6.3
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd50e41f2ce65b53589fb6ca59a03d2fc269d65db66f8c0b29fc5bc8ba84d08

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 7660065
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baed200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-7160"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbb796aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foundation-icons.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/ 17 KB
3 KB 21ms
18ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/foundation-icons.min.css?ver=3.0
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d51089ba164e46643145dc475cce83e53896a1e6541c68b20d841c1ab24e65b9

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 1412347
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baee200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-439a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbb896aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genericons.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/ 26 KB
16 KB 26ms
23ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/includes/library/slick-menu-icon-picker/css/types/genericons.min.css?ver=3.4
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2deb67a6ea5e9e0e254330515f7aa291a07618b72715a63971274378cd4d06c4

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 998818
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baef200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-683c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbb996aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 extra.min.css
yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/css/ 1 KB
425 B 18ms
15ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/includes/modules/slick-menu-icons/css/extra.min.css?ver=0.10.1
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818b6cee88115de0ce32e93ec25d7ff9d675199286ff470d71117a3d97b2991a

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 3846702
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baf0200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-4a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbba96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
yoroi.company/wp-includes/css/dist/block-library/ 52 KB
7 KB 23ms
20ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d02934f0a5b722dbd076dda86e34373e037158a672a8a10409bcbdb5a9040b42

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 3369410
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baf1200000001
last-modified: Tue, 10 Mar 2020 15:42:14 GMT
server: cloudflare
etag: W/"5e67b556-d0f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbbb96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
yoroi.company/wp-content/plugins/contact-form-7/includes/css/ 2 KB
707 B 24ms
21ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 3846702
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baf2200000001
last-modified: Mon, 09 Mar 2020 14:15:47 GMT
server: cloudflare
etag: W/"5e664f93-6d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbbc96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.min.css
yoroi.company/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 24ms
21ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.1
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb5fe511b68861796157104f45c01546db651f8d831390c388af04fb0b0d3039

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 174140
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baf3200000001
last-modified: Fri, 17 Apr 2020 13:27:48 GMT
server: cloudflare
etag: W/"5e99aed4-155d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbbd96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aos.css
yoroi.company/wp-content/plugins/oxygen/component-framework/vendor/aos/ 25 KB
2 KB 24ms
22ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=5.4.1
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 3372863
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baf4200000001
last-modified: Mon, 03 Feb 2020 11:41:57 GMT
server: cloudflare
etag: W/"5e380705-65c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbbe96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 oxygen.css
yoroi.company/wp-content/plugins/oxygen/component-framework/ 18 KB
4 KB 20ms
17ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=3.1.1
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9124a6fd00e218d97037cdcbc7ea4c40c73d95bd19da2a6a477789f1daa0bf7f

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 7660065
status: 200
content-encoding: br
cf-request-id: 033241352b000096aa6baf5200000001
last-modified: Mon, 03 Feb 2020 11:40:54 GMT
server: cloudflare
etag: W/"5e3806c6-498b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01dbbf96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 contact-form-7-email-spam-blocker-public.css
yoroi.company/wp-content/plugins/wp-contact-form7-email-spam-blocker/public/css/ 98 B
202 B 21ms
19ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/wp-contact-form7-email-spam-blocker/public/css/contact-form-7-email-spam-blocker-public.css?ver=1.0.0
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 172844
status: 200
content-encoding: br
cf-request-id: 033241352d000096aa6baf6200000001
last-modified: Tue, 04 Feb 2020 11:21:55 GMT
server: cloudflare
etag: W/"5e3953d3-62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01ebc096aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animate.css
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/animate/ 77 KB
4 KB 21ms
19ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/animate/animate.css?ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97470c6fac60d3431c7309907a10d67d0356b563c7bab67f7a44301d4164ac38

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 913810
status: 200
content-encoding: br
cf-request-id: 033241352d000096aa6baf7200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-135d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01ebc296aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slickmenu.min.css
yoroi.company/wp-content/plugins/slick-menu/assets/css/ 48 KB
7 KB 28ms
26ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/assets/css/slickmenu.min.css?ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81d95e3d8d470a9de65b68baab1200d56b39a812e7717d7d294910a37d635dd3

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 280764
status: 200
content-encoding: br
cf-request-id: 033241352d000096aa6baf8200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-beb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 59fd6b01ebc496aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
yoroi.company/ 243 KB
7 KB 530ms
529ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/?sm_ajax=dynamic_styles&t=1591564148&ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ea057066074e145942ce7d17112e74a6f88850c8d450ada79c920e78263ee94

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 59fd6b01ebc696aa-FRA
date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie
content-type: text/css; charset: UTF-8;charset=utf-8
status: 200
host-header: WordPress.com
content-encoding: br
cf-request-id: 033241352d000096aa6baf9200000001

GET
H2 200 jquery.js Show response
yoroi.company/wp-includes/js/jquery/ 95 KB
32 KB 29ms
27ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 174139
status: 200
content-encoding: br
cf-request-id: 033241352d000096aa6bafa200000001
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: cloudflare
etag: W/"5cde37d2-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b01ebc996aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.min.js Show response
yoroi.company/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.1
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 4188578
status: 200
content-encoding: br
cf-request-id: 0332413531000096aa6bafb200000001
last-modified: Fri, 17 Apr 2020 13:27:48 GMT
server: cloudflare
etag: W/"5e99aed4-2474"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b01ebcb96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aos.js Show response
yoroi.company/wp-content/plugins/oxygen/component-framework/vendor/aos/ 14 KB
4 KB 26ms
24ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 913810
status: 200
content-encoding: br
cf-request-id: 0332413531000096aa6bafd200000001
last-modified: Mon, 03 Feb 2020 11:41:57 GMT
server: cloudflare
etag: W/"5e380705-37a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b01ebcf96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 contact-form-7-email-spam-blocker-public.js Show response
yoroi.company/wp-content/plugins/wp-contact-form7-email-spam-blocker/public/js/ 838 B
545 B 21ms
20ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/wp-contact-form7-email-spam-blocker/public/js/contact-form-7-email-spam-blocker-public.js?ver=1.0.0
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 913810
status: 200
content-encoding: br
cf-request-id: 0332413531000096aa6bafe200000001
last-modified: Tue, 04 Feb 2020 11:21:55 GMT
server: cloudflare
etag: W/"5e3953d3-346"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b01ebd096aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
657 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,500,600,700,800,900

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a112c1d99d51d54237d19b32f197efb30583bd80aada0a094bdaa7a9452a15ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Jun 2020 21:20:36 GMT
server: ESF
date: Sun, 07 Jun 2020 21:20:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jun 2020 21:20:36 GMT

GET
H2 200 /
yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/ 34 KB
6 KB 856ms
856ms Stylesheet
text/css 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/?xlink=css&ver=5.4.1
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af73c24ded3f2637540ae5b80bacf564d968a70443f4a405182fb42c8a19c91b

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-pingback: https://yoroi.company/xmlrpc.php
date: Sun, 07 Jun 2020 21:20:36 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Cookie
content-type: text/css;charset=utf-8
status: 200
cf-ray: 59fd6b01ebcc96aa-FRA
host-header: WordPress.com
content-encoding: br
link: <https://yoroi.company/wp-json/>; rel="https://api.w.org/", <https://yoroi.company/?p=4618>; rel=shortlink
cf-request-id: 0332413531000096aa6bafc200000001

GET
H2 200 logo-head.svg
yoroi.company/wp-content/uploads/2020/01/ 3 KB
1 KB 22ms
16ms Image
image/svg+xml 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yoroi.company/wp-content/uploads/2020/01/logo-head.svg
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65158a29c17b7bd93fcb3409b97eda74a7c090d932a9ce494adb9f82d737894d

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 317695
status: 200
content-encoding: br
cf-request-id: 0332413955000096aa6bb4a200000001
last-modified: Mon, 03 Feb 2020 11:41:20 GMT
server: cloudflare
etag: W/"5e3806e0-a21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 59fd6b0888dc96aa-FRA
expires: Thu, 11 Jun 2020 05:05:42 GMT

GET
H2 200 hamburger.svg
yoroi.company/wp-content/uploads/2020/01/ 488 B
403 B 28ms
23ms Image
image/svg+xml 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yoroi.company/wp-content/uploads/2020/01/hamburger.svg
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f349f68dd834591897a2b648193d96446427a388772b17163e166c17bf4bb5f4

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 184722
status: 200
content-encoding: br
cf-request-id: 0332413955000096aa6bb4b200000001
last-modified: Mon, 03 Feb 2020 11:41:17 GMT
server: cloudflare
etag: W/"5e3806dd-1e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 59fd6b0888dd96aa-FRA
expires: Fri, 12 Jun 2020 18:01:55 GMT

GET
H2 200 Risorsa-36-8.png
yoroi.company/wp-content/uploads/2020/01/ 30 KB
30 KB 26ms
21ms Image
image/png 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yoroi.company/wp-content/uploads/2020/01/Risorsa-36-8.png
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 048e7b54fbc9022c80b0bf1144f55baaf814f91fe575515dbd4263634317013f

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 317695
status: 200
content-length: 30485
cf-request-id: 0332413955000096aa6bb4c200000001
last-modified: Mon, 03 Feb 2020 11:41:18 GMT
server: cloudflare
etag: "5e3806de-7715"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 59fd6b0888de96aa-FRA
expires: Thu, 11 Jun 2020 05:05:42 GMT

GET
H2 200 Zjha9-Haq9pIhQOXqU8yF2o10B93AMeGphJOoQtJBVaccZQfc6aPDT0NsyN9zpjzqQ1fFjIxnAZ12pRAai9OP5S0-xmZPlEhdaN77M0J_H2T-z5z21pny1HnbVlkCMm5I9zYBYc
lh3.googleusercontent.com/ 62 KB
62 KB 49ms
18ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Zjha9-Haq9pIhQOXqU8yF2o10B93AMeGphJOoQtJBVaccZQfc6aPDT0NsyN9zpjzqQ1fFjIxnAZ12pRAai9OP5S0-xmZPlEhdaN77M0J_H2T-z5z21pny1HnbVlkCMm5I9zYBYc

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0393ca3e78ea20df43fe2aeb0b0edfaa8207dec4555bbc7afe49acc07a16eafd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 20:56:03 GMT
x-content-type-options: nosniff
age: 1474
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63693
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 10:39:00 GMT

GET
H2 200 AYz0w4ASVf03imxs2S8Z19CxzEgya5NAm0CPqRNSHvFY2mA2yOqti6FTGqWny0JKH9oQqeGTUYp9kGygz0WnPYmZAQbZBVNqpF1QBuahJJl1nUvMkAVjJfbaou0StPzHZCjDUE8
lh5.googleusercontent.com/ 18 KB
18 KB 202ms
171ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/AYz0w4ASVf03imxs2S8Z19CxzEgya5NAm0CPqRNSHvFY2mA2yOqti6FTGqWny0JKH9oQqeGTUYp9kGygz0WnPYmZAQbZBVNqpF1QBuahJJl1nUvMkAVjJfbaou0StPzHZCjDUE8

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2a2cf9a938c52aa4159c61435eae29f96a0abbbe0528afe1f98a63d9431218ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18787
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 10:39:00 GMT

GET
H2 200 ogxIs1oN2_TGi2MIkNytyTpGepS4Xn-Bvxq_hRFyn3kUj-0pLbstEmkFnHgDb9b3d9d27lfN8I03itpIwjxWx2j5S3EScne-AAem0_f2dpR5CcVAKjvmsRSsH3GauR2C_C6zMSI
lh5.googleusercontent.com/ 19 KB
19 KB 202ms
172ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/ogxIs1oN2_TGi2MIkNytyTpGepS4Xn-Bvxq_hRFyn3kUj-0pLbstEmkFnHgDb9b3d9d27lfN8I03itpIwjxWx2j5S3EScne-AAem0_f2dpR5CcVAKjvmsRSsH3GauR2C_C6zMSI

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

11afa87705977e06be751fce8cebbeecc0c93e5b5d90d0055ab3936a57eac385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19164
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 21:20:37 GMT

GET
H2 200 6_QIuMa3i-tbZ02nH1R8eUAfUL1jwZtEB52im9QEQVQHJ2wbn23w2pTSfpV8J0n-Kz_VAtl_lk95Zkqh-r2m4sZvS8yEg2EpDEEGmg-uWhYkt7NPAJf8_OuPi8uE93By8xYG0VI
lh5.googleusercontent.com/ 65 KB
65 KB 221ms
191ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/6_QIuMa3i-tbZ02nH1R8eUAfUL1jwZtEB52im9QEQVQHJ2wbn23w2pTSfpV8J0n-Kz_VAtl_lk95Zkqh-r2m4sZvS8yEg2EpDEEGmg-uWhYkt7NPAJf8_OuPi8uE93By8xYG0VI

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

873ec0a245593ff878fd6a363dd4ce3ef3d2292eaea64cd332d163f2cb7543d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66639
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 10:39:00 GMT

GET
H2 200 PotKj0cUukFOuAcbqvBAcA6PSsgEpjKYtwp5ZXDBPc-YalOMa9ODMYIxExHtA2XewO8awq-pXwx4NssKZmpK3Va-d8t0PVatLDBAvngv_M-V4XhnngWcc6abmXNNHF8azGYgc3c
lh6.googleusercontent.com/ 78 KB
78 KB 196ms
192ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/PotKj0cUukFOuAcbqvBAcA6PSsgEpjKYtwp5ZXDBPc-YalOMa9ODMYIxExHtA2XewO8awq-pXwx4NssKZmpK3Va-d8t0PVatLDBAvngv_M-V4XhnngWcc6abmXNNHF8azGYgc3c

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c23e9a47403b2586844292fbc79cc03567ceba2f285cbfdbe0dc57814ce88af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79889
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 21:20:37 GMT

GET
H2 200 UtOWdf-myewjXoZcFC-kfW4yWlPU1qU2C4mHBiY_wJmorObxkZGLcBirioB_rOloY5tLVfPgwVJiUD9RmasMi1rRIJj_hwGI-qNpp4TqWqep8tirFVYDA7Kl4ytrwiMQAHE4_-k
lh5.googleusercontent.com/ 33 KB
33 KB 248ms
219ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/UtOWdf-myewjXoZcFC-kfW4yWlPU1qU2C4mHBiY_wJmorObxkZGLcBirioB_rOloY5tLVfPgwVJiUD9RmasMi1rRIJj_hwGI-qNpp4TqWqep8tirFVYDA7Kl4ytrwiMQAHE4_-k

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5e4f9b4fcb23c33ecee407b2b25cd0216c141a6e169d78dcef21437fe9fa699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33591
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 10:39:00 GMT

GET
H2 200 W6SvX6YKiJ5Ze7L_CtFNb1S3N-s6d5Mry_R8I9ItOI9ed0AokeysPmpPjKNS1wBlxsQ3AiyL2QsKh1LceWl0LtZS_MSbzgpRoy0q7xhieHDgjly6T1EkNshrEkZkPcHtKrliVVY
lh6.googleusercontent.com/ 34 KB
34 KB 204ms
199ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/W6SvX6YKiJ5Ze7L_CtFNb1S3N-s6d5Mry_R8I9ItOI9ed0AokeysPmpPjKNS1wBlxsQ3AiyL2QsKh1LceWl0LtZS_MSbzgpRoy0q7xhieHDgjly6T1EkNshrEkZkPcHtKrliVVY

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cd26fabb30132bf676ebbea7cab03130fb76d6b6b3458ca43633f43ac66629c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35110
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 21:20:37 GMT

GET
H2 200 UcFdk0S8hMEUqHzk3ieVAVD6wybVM8XouO9DQ5mZ-zz_tyfcm2yzVwPnaysITE1b0Nivw4XjNowmMGGaBLCKfQgLsU2e3WM1GLNsfkuxTNo2z_jIMDFxe1kB43eNVneC6UOf16M
lh5.googleusercontent.com/ 31 KB
31 KB 195ms
165ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/UcFdk0S8hMEUqHzk3ieVAVD6wybVM8XouO9DQ5mZ-zz_tyfcm2yzVwPnaysITE1b0Nivw4XjNowmMGGaBLCKfQgLsU2e3WM1GLNsfkuxTNo2z_jIMDFxe1kB43eNVneC6UOf16M

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f498badc611203564d7b2dbe60aa71a8cfd99f33dd2f1dd339659ee637cfda98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31778
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 10:39:00 GMT

GET
H2 200 -sPxsAFeZGiMwLS22rUID19RsZxJs5NJ4LDVXTBepT9aTfSAgW-nvLDpt-qT0lRdJ-by0jm51UIy4T58JCqCiE7ji7hwWIihVHhKEPGP9LbwoN9nNE79hS-Nx7iITypi1bgyzLY
lh3.googleusercontent.com/ 41 KB
42 KB 36ms
7ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-sPxsAFeZGiMwLS22rUID19RsZxJs5NJ4LDVXTBepT9aTfSAgW-nvLDpt-qT0lRdJ-by0jm51UIy4T58JCqCiE7ji7hwWIihVHhKEPGP9LbwoN9nNE79hS-Nx7iITypi1bgyzLY

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ffada9a789139fda6ea91b3db07de8109264ba27a849900c80b80430cb3b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 20:56:04 GMT
x-content-type-options: nosniff
age: 1473
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42132
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 10:39:00 GMT

GET
H2 200 gyTocUn7fuiueoWejFoJeniKcHrdZb-muWIpoQf-WKK5vxxK8DrHBKmEmAlBLRepgYztERoZBITwngWyE1N1qswsNbpjFrYMHfbvFAMgewcAqaUBpCWU-qqsta0Kr_C0FHD4EZM
lh6.googleusercontent.com/ 22 KB
22 KB 195ms
191ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/gyTocUn7fuiueoWejFoJeniKcHrdZb-muWIpoQf-WKK5vxxK8DrHBKmEmAlBLRepgYztERoZBITwngWyE1N1qswsNbpjFrYMHfbvFAMgewcAqaUBpCWU-qqsta0Kr_C0FHD4EZM

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

23e7c9ba61971cd992dc23560b8ae84b4c6e7292c7ad1a33c490ef4255f5b36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22256
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 21:20:37 GMT

GET
H2 200 pmtpPiEXWDDtV2hhyyl9JEOUr1iB5wCRhiawi2sdDrv76f9b4s8hljSZyB2fe5MeOIWDcOwVAy8owqtEoaEx9pEVLCjUwgrQkP7iqJHzh56JM2wGgzys5hbk2JRvF5l5I2ROtEs
lh4.googleusercontent.com/ 200 KB
200 KB 164ms
163ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/pmtpPiEXWDDtV2hhyyl9JEOUr1iB5wCRhiawi2sdDrv76f9b4s8hljSZyB2fe5MeOIWDcOwVAy8owqtEoaEx9pEVLCjUwgrQkP7iqJHzh56JM2wGgzys5hbk2JRvF5l5I2ROtEs

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

797aa2ba5e3eb09bebee4a64989f3a5554e475a203c55ba08b82c99a09767914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204778
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 21:20:37 GMT

GET
H2 200 8fa-BymzQwqwOdO1mj05oz1yiPlPZLwHTni3o2Di7WDaMifGVEANe9eXQu_8eKbKDoAtzkXUy2mwn8AHzNUaldweJxDYnErDwFwquuvPgYbSeTkzaXHN5eHb9w8umRosIg9QaiY
lh5.googleusercontent.com/ 210 KB
210 KB 163ms
162ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/8fa-BymzQwqwOdO1mj05oz1yiPlPZLwHTni3o2Di7WDaMifGVEANe9eXQu_8eKbKDoAtzkXUy2mwn8AHzNUaldweJxDYnErDwFwquuvPgYbSeTkzaXHN5eHb9w8umRosIg9QaiY

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

62aecf5afa3266b749d56fd10300316d07ae7b5d995b4b862bf8e629bb950093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215141
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 10:39:00 GMT

GET
H2 200 74UPzLPgqv03jCSoo7VePc5H1DmBFo_0RXAwWq9gVw2iv9copR64jIXykWDdKDzkIs9hCauYl6vHZI8yPEQJmE3BUxQW_z_eWKvw0hvAvqhRVhdYw5hJgbkvC_m0-siyjVDtJ-g
lh3.googleusercontent.com/ 389 KB
389 KB 17ms
17ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/74UPzLPgqv03jCSoo7VePc5H1DmBFo_0RXAwWq9gVw2iv9copR64jIXykWDdKDzkIs9hCauYl6vHZI8yPEQJmE3BUxQW_z_eWKvw0hvAvqhRVhdYw5hJgbkvC_m0-siyjVDtJ-g

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0efbb0e114f9f0dd7d5b2205243474376ea75b11a72086412f9dccda5f3868ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 20:56:04 GMT
x-content-type-options: nosniff
age: 1473
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398260
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 28 May 2020 19:57:17 GMT

GET
H2 200 0bRl7gOtI5oaIi329gH0qhEeeL_Iko8z6XPkmkDF4y1DutiqJPk2rTl8Q3lEbCeJAhc4luewMgPnpmam1uj63h8GtYHQsHa0KpGo1knKaWPLs4XkfJd8qCa2W5CG2vueNh525zc
lh3.googleusercontent.com/ 158 KB
159 KB 9ms
8ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/0bRl7gOtI5oaIi329gH0qhEeeL_Iko8z6XPkmkDF4y1DutiqJPk2rTl8Q3lEbCeJAhc4luewMgPnpmam1uj63h8GtYHQsHa0KpGo1knKaWPLs4XkfJd8qCa2W5CG2vueNh525zc

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

50c5ded8f5b1d438955ba152608e8355210da6b23a4e84fb34b4397087f5c2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 20:56:04 GMT
x-content-type-options: nosniff
age: 1473
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162216
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 10:39:00 GMT

GET
H2 200 tgMVBUxnuJke7KlXx36-KgbvYfTTW8yAisXVYjNp7zrJVfY94fWJ7e4r5lGLYevxZhxN2M7uWSV3iR7YEZz_uOKWlM20qd32IGtPltdKf-dTzMyLwRTw0W7RzN0anZPbPPhhBE0
lh6.googleusercontent.com/ 21 KB
21 KB 186ms
186ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/tgMVBUxnuJke7KlXx36-KgbvYfTTW8yAisXVYjNp7zrJVfY94fWJ7e4r5lGLYevxZhxN2M7uWSV3iR7YEZz_uOKWlM20qd32IGtPltdKf-dTzMyLwRTw0W7RzN0anZPbPPhhBE0

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fe998e109942d4538c7f32e1167e58beb0078d27d213e950217f17753de52e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jun 2020 21:20:37 GMT

GET
H2 200 email-decode.min.js Show response
yoroi.company/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
864 B 9ms
8ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 02 Jun 2020 11:20:40 GMT
server: cloudflare
etag: W/"5ed63608-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 59fd6b074fec96aa-FRA
cf-request-id: 0332413888000096aa6bb36200000001
expires: Tue, 09 Jun 2020 21:20:37 GMT

GET
H2 200 countUp.min.js Show response
yoroi.company/wp-content/assets/js/ 5 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/assets/js/countUp.min.js
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63a636fec47c33c1f90b009d2f95830d3492083c04e429cda86914834714967

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Origin: https://yoroi.company

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 184721
status: 200
content-encoding: br
cf-request-id: 0332413892000096aa6bb38200000001
last-modified: Mon, 03 Feb 2020 11:40:49 GMT
server: cloudflare
etag: W/"5e3806c1-126e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 59fd6b075ffc96aa-FRA
expires: Fri, 12 Jun 2020 18:01:55 GMT

GET
H2 200 counters.js Show response
yoroi.company/wp-content/assets/js/ 2 KB
804 B 14ms
14ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/assets/js/counters.js
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c594062728319da3ecaa98c4c0b930b07d5e64207eb6e4987d4fcbff9134768

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Origin: https://yoroi.company

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 184721
status: 200
content-encoding: br
cf-request-id: 03324138a2000096aa6bb3a200000001
last-modified: Mon, 03 Feb 2020 11:40:49 GMT
server: cloudflare
etag: W/"5e3806c1-78d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 59fd6b07681096aa-FRA
expires: Fri, 12 Jun 2020 18:01:55 GMT

GET
H2 200 parallax.min.js Show response
yoroi.company/wp-content/assets/js/ 17 KB
5 KB 14ms
14ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/assets/js/parallax.min.js
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4d20b28de8c7f77428b24325ec3afb39b6f7e277f6b61666f3a0a17cc3b42b

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 317695
status: 200
content-encoding: br
cf-request-id: 03324138b1000096aa6bb3b200000001
last-modified: Mon, 03 Feb 2020 11:40:49 GMT
server: cloudflare
etag: W/"5e3806c1-43a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 59fd6b07881c96aa-FRA
expires: Thu, 11 Jun 2020 05:05:42 GMT

GET
H2 200 intersection-observer.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.7.0/ 22 KB
6 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.7.0/intersection-observer.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2325962
x-cache: HIT, HIT
status: 200
content-length: 6402
etag: W/"57ad-m3EaUx6495LHE8zS0+QpFP8kqM0"
x-served-by: cache-fra19152-FRA, cache-hhn4073-HHN
date: Sun, 07 Jun 2020 21:20:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/ 6 KB
2 KB 9ms
8ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1754676
x-cache: HIT, HIT
status: 200
content-length: 2436
etag: W/"1926-ftj+zhhSvu4E/RMH3S02cxSkfWc"
x-served-by: cache-fra19168-FRA, cache-hhn4073-HHN
date: Sun, 07 Jun 2020 21:20:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 scripts.js Show response
yoroi.company/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 1195973
status: 200
content-encoding: br
cf-request-id: 03324138c0000096aa6bb3c200000001
last-modified: Mon, 09 Mar 2020 14:15:47 GMT
server: cloudflare
etag: W/"5e664f93-3868"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b07982996aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 708 B
602 B 47ms
46ms Script
text/javascript 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&ver=3.0

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6242f93bba057aaf8ff0b1bc9178ef741ee4ace7cfe61b926c36b69f1477671b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 1; mode=block
expires: Sun, 07 Jun 2020 21:20:37 GMT

GET
H2 200 modernizr.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/modernizr/ 12 KB
5 KB 14ms
13ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/modernizr/modernizr.js?ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49cf0f2de45929d5674df4377cfc2363324674ca4dfdef454bc1dfeebcec9ca5

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 913811
status: 200
content-encoding: br
cf-request-id: 0332413900000096aa6bb3f200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-317b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b08087696aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TweenMax.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/greensock/ 108 KB
35 KB 23ms
22ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/greensock/TweenMax.min.js?ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 7660066
status: 200
content-encoding: br
cf-request-id: 0332413937000096aa6bb44200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-1aeba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b0858b096aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ScrollToPlugin.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/greensock/ 2 KB
1 KB 19ms
13ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/greensock/ScrollToPlugin.min.js?ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806548b84857dbb3a3243a0d7c0aedc2afd647bf96b48de90985df9591ca4a4a

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 174140
status: 200
content-encoding: br
cf-request-id: 0332413955000096aa6bb45200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-9fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b0888d596aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 body-scroll-lock.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/vendors/body-scroll-lock/ 3 KB
1 KB 28ms
22ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/assets/vendors/body-scroll-lock/body-scroll-lock.min.js?ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d947b55573f76b9876038798590599aef4ec471cd0b44a41438b02ae00fcee5b

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 913811
status: 200
content-encoding: br
cf-request-id: 0332413955000096aa6bb46200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-b15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b0888d796aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 utils.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/js/ 18 KB
7 KB 20ms
14ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/assets/js/utils.min.js?ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72056b7312d491a672a34df38cc3b593a84575235819a88239e5b8330bd5dea8

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 7609288
status: 200
content-encoding: br
cf-request-id: 0332413955000096aa6bb47200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-490c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b0888d996aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slickmenu.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/js/ 34 KB
8 KB 21ms
15ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/assets/js/slickmenu.min.js?ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35a207ef97e50fe3d9090292bb653b8f9a676bba3b961fd9242f97af39b8b768

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 7660066
status: 200
content-encoding: br
cf-request-id: 0332413955000096aa6bb48200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-8618"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b0888da96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
yoroi.company/wp-content/plugins/slick-menu/assets/js/ 22 KB
7 KB 24ms
18ms Script
application/javascript 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoroi.company/wp-content/plugins/slick-menu/assets/js/frontend.min.js?ver=1.2.7
Requested by: Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b66da3f27a3aa48171829b9e331147187ceb6a4f38b444808525de6bb0bf604

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:37 GMT
x-ac: 2.fra _atomic_dca
cf-cache-status: HIT
age: 174140
status: 200
content-encoding: br
cf-request-id: 0332413955000096aa6bb49200000001
last-modified: Fri, 28 Feb 2020 09:19:08 GMT
server: cloudflare
etag: W/"5e58db0c-567d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 59fd6b0888db96aa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1458
date: Sun, 07 Jun 2020 20:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Sun, 07 Jun 2020 22:56:19 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/ADnAC3ZykfbIOflWgrKNsVVT/ 309 KB
122 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ADnAC3ZykfbIOflWgrKNsVVT/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

929b173fe5de52e86be43b47db00cf8fce66664a2f3c69b5710664de66ab0ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2020 04:05:55 GMT
server: sffe
age: 534940
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
expires: Tue, 01 Jun 2021 16:44:57 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v7/ 44 KB
44 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v7/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbfcf009369ed480448ca6b89f9586d80ecc4d150fbe317db5a27ad43617a8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Work+Sans:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,500,600,700,800,900
Origin: https://yoroi.company

Response headers

date: Mon, 18 May 2020 00:54:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Mar 2020 18:24:34 GMT
server: sffe
age: 1801538
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45196
x-xss-protection: 0
expires: Tue, 18 May 2021 00:54:59 GMT

GET
H2 200 refill Show response
yoroi.company/wp-json/contact-form-7/v1/contact-forms/223/ 2 B
456 B 531ms
530ms XHR
application/json 2606:4700:3035::681f:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yoroi.company/wp-json/contact-form-7/v1/contact-forms/223/refill

Requested by

Host: yoroi.company
URL: https://yoroi.company/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681f:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 21:20:38 GMT
x-ac: 2.fra _atomic_dca
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
host-header: WordPress.com
content-encoding: br
cf-request-id: 0332413a91000096aa6bb64200000001
access-control-allow-headers: Authorization, Content-Type
allow: GET
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Cookie, Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
cf-ray: 59fd6b0a8a1396aa-FRA
link: <https://yoroi.company/wp-json/>; rel="https://api.w.org/"

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=1377731450&t=pageview&_s=1&dl=https%3A%2F%2Fyoroi.company%2Fresearch%2Fcyber-criminal-espionage-operation-insists-on-italian-manufactur...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54504571-1&cid=554160342.1591564838&jid=300627975&_gid=1314980163.1591564838&gjid=482939582&_v=j82&z=1544582201

35 B
99 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54504571-1&cid=554160342.1591564838&jid=300627975&_gid=1314980163.1591564838&gjid=482939582&_v=j82&z=1544582201

Requested by

Host: yoroi.company
URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 07 Jun 2020 21:20:37 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jun 2020 21:20:37 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54504571-1&cid=554160342.1591564838&jid=300627975&_gid=1314980163.1591564838&gjid=482939582&_v=j82&z=1544582201
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame C46E 0
0 32ms
32ms Document
text/html 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&co=aHR0cHM6Ly95b3JvaS5jb21wYW55OjQ0Mw..&hl=en&v=ADnAC3ZykfbIOflWgrKNsVVT&size=invisible&cb=g0zpe98sgacw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ADnAC3ZykfbIOflWgrKNsVVT/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vCmoJpncmX9mMdcb+chw2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfTr-AUAAAAANb_RvhTeWu00N_K6josD9XFY1OD&co=aHR0cHM6Ly95b3JvaS5jb21wYW55OjQ0Mw..&hl=en&v=ADnAC3ZykfbIOflWgrKNsVVT&size=invisible&cb=g0zpe98sgacw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 07 Jun 2020 21:20:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-vCmoJpncmX9mMdcb+chw2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9537
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yoroi.company/	1970-01-19 10:06:04	Name: _gat Value: 1
.yoroi.company/	1970-01-20 03:37:16	Name: _ga Value: GA1.2.554160342.1591564838
.yoroi.company/	1970-01-19 10:07:31	Name: _gid Value: GA1.2.1314980163.1591564838
.yoroi.company/	1970-01-19 10:49:16	Name: __cfduid Value: dba313c917ef0db13cde4e4ef7c2b38821591564835

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/(Line 1162) Message: %c 🛡️ YOROI® 🛡️ font-weight: bold; color: #c40030; font-size: 80px; text-align: center

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.gstatic.com
yoroi.company
2606:4700:3035::681f:45d6
2a00:1450:4001:806::2001
2a00:1450:4001:815::200a
2a00:1450:4001:816::2004
2a00:1450:4001:818::2001
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2003
2a00:1450:400c:c00::9b
2a04:4e42:1b::621
0393ca3e78ea20df43fe2aeb0b0edfaa8207dec4555bbc7afe49acc07a16eafd
048e7b54fbc9022c80b0bf1144f55baaf814f91fe575515dbd4263634317013f
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
0efbb0e114f9f0dd7d5b2205243474376ea75b11a72086412f9dccda5f3868ed
11afa87705977e06be751fce8cebbeecc0c93e5b5d90d0055ab3936a57eac385
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1c594062728319da3ecaa98c4c0b930b07d5e64207eb6e4987d4fcbff9134768
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb
23e7c9ba61971cd992dc23560b8ae84b4c6e7292c7ad1a33c490ef4255f5b36a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a2cf9a938c52aa4159c61435eae29f96a0abbbe0528afe1f98a63d9431218ea
2deb67a6ea5e9e0e254330515f7aa291a07618b72715a63971274378cd4d06c4
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
35a207ef97e50fe3d9090292bb653b8f9a676bba3b961fd9242f97af39b8b768
3c23e9a47403b2586844292fbc79cc03567ceba2f285cbfdbe0dc57814ce88af
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
49cf0f2de45929d5674df4377cfc2363324674ca4dfdef454bc1dfeebcec9ca5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50c5ded8f5b1d438955ba152608e8355210da6b23a4e84fb34b4397087f5c2a3
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5ea057066074e145942ce7d17112e74a6f88850c8d450ada79c920e78263ee94
5fd50e41f2ce65b53589fb6ca59a03d2fc269d65db66f8c0b29fc5bc8ba84d08
6242f93bba057aaf8ff0b1bc9178ef741ee4ace7cfe61b926c36b69f1477671b
62aecf5afa3266b749d56fd10300316d07ae7b5d995b4b862bf8e629bb950093
65158a29c17b7bd93fcb3409b97eda74a7c090d932a9ce494adb9f82d737894d
6b66da3f27a3aa48171829b9e331147187ceb6a4f38b444808525de6bb0bf604
6cf390024b9fb02ae1756d257499f568393acc60c76ae6b13ce986a46f396e34
72056b7312d491a672a34df38cc3b593a84575235819a88239e5b8330bd5dea8
797aa2ba5e3eb09bebee4a64989f3a5554e475a203c55ba08b82c99a09767914
806548b84857dbb3a3243a0d7c0aedc2afd647bf96b48de90985df9591ca4a4a
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
818b6cee88115de0ce32e93ec25d7ff9d675199286ff470d71117a3d97b2991a
81d95e3d8d470a9de65b68baab1200d56b39a812e7717d7d294910a37d635dd3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873ec0a245593ff878fd6a363dd4ce3ef3d2292eaea64cd332d163f2cb7543d0
9124a6fd00e218d97037cdcbc7ea4c40c73d95bd19da2a6a477789f1daa0bf7f
929b173fe5de52e86be43b47db00cf8fce66664a2f3c69b5710664de66ab0ba0
97470c6fac60d3431c7309907a10d67d0356b563c7bab67f7a44301d4164ac38
97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe
a112c1d99d51d54237d19b32f197efb30583bd80aada0a094bdaa7a9452a15ae
a5e4f9b4fcb23c33ecee407b2b25cd0216c141a6e169d78dcef21437fe9fa699
af73c24ded3f2637540ae5b80bacf564d968a70443f4a405182fb42c8a19c91b
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bf4d20b28de8c7f77428b24325ec3afb39b6f7e277f6b61666f3a0a17cc3b42b
c63a636fec47c33c1f90b009d2f95830d3492083c04e429cda86914834714967
cbfcf009369ed480448ca6b89f9586d80ecc4d150fbe317db5a27ad43617a8c8
cd26fabb30132bf676ebbea7cab03130fb76d6b6b3458ca43633f43ac66629c7
d02934f0a5b722dbd076dda86e34373e037158a672a8a10409bcbdb5a9040b42
d51089ba164e46643145dc475cce83e53896a1e6541c68b20d841c1ab24e65b9
d5a40d3fa5887da17647fad5c70a1b4145ba5b9692b9f10aadd1ac725d4a4f10
d947b55573f76b9876038798590599aef4ec471cd0b44a41438b02ae00fcee5b
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
eb5fe511b68861796157104f45c01546db651f8d831390c388af04fb0b0d3039
f349f68dd834591897a2b648193d96446427a388772b17163e166c17bf4bb5f4
f498badc611203564d7b2dbe60aa71a8cfd99f33dd2f1dd339659ee637cfda98
fe998e109942d4538c7f32e1167e58beb0078d27d213e950217f17753de52e34
ffada9a789139fda6ea91b3db07de8109264ba27a849900c80b80430cb3b9186

yoroi.company Open in urlscan Pro 2606:4700:3035::681f:45d6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

100 %IPv6

8 Domains

12 Subdomains

9 IPs

4 Countries

1850 kBTransfer

3011 kBSize

4 Cookies

6 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

yoroi.company Open in urlscan Pro
2606:4700:3035::681f:45d6 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

12
Subdomains

9
IPs

4
Countries

1850 kB
Transfer

3011 kB
Size

4
Cookies

61 HTTP transactions
0 data transactions