www.attackiq.com Open in urlscan Pro
2606:4700:10::6816:3d59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=
Effective URL:
https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7t...
Submission: On April 04 via api (April 4th 2024, 5:35:25 pm UTC) from US — Scanned from DE

Summary HTTP 87 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 26 domains to perform 87 HTTP transactions. The main IP is 2606:4700:10::6816:3d59, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.attackiq.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2023. Valid for: a year.

This is the only time www.attackiq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700:10:... 2606:4700:10::6816:3d59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:ce26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.96.80 104.16.96.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.95.86 65.9.95.86	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1496	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:9000:264... 2600:9000:2644:9200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2.17.100.193 2.17.100.193	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:1105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	54.204.151.223 54.204.151.223	14618 (AMAZON-AES) (AMAZON-AES)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.65.39.5 18.65.39.5	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:fb0f:ae03:e39:849d	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	54.197.89.129 54.197.89.129	14618 (AMAZON-AES) (AMAZON-AES)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.136.15 104.16.136.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
87	33

1 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go2.attackiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:10::6816:3d59 (United States)

ASN13335 (CLOUDFLARENET, US)

www.attackiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:ce26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.96.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-ab33.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-86.prg50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1496 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2644:9200:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.17.100.193 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-193.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.151.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-151-223.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-5.ams1.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

041-fsq-281.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:fb0f:ae03:e39:849d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.89.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-89-129.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.136.15 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	attackiq.com go2.attackiq.com www.attackiq.com	630 KB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 5872 c.6sc.co — Cisco Umbrella Rank: 9222 ipv6.6sc.co — Cisco Umbrella Rank: 5999 b.6sc.co — Cisco Umbrella Rank: 3952	21 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 320 www.linkedin.com — Cisco Umbrella Rank: 581 px4.ads.linkedin.com — Cisco Umbrella Rank: 6476	4 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 314	116 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	476 KB
4	adroll.com s.adroll.com — Cisco Umbrella Rank: 3405 d.adroll.com — Cisco Umbrella Rank: 1614	118 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 7030	3 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1846 in.ml314.com — Cisco Umbrella Rank: 11071	12 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1203	159 KB
2	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4737	2 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3780	6 KB
2	qualified.com js.qualified.com — Cisco Umbrella Rank: 19522 app.qualified.com — Cisco Umbrella Rank: 20626	160 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 780 script.hotjar.com — Cisco Umbrella Rank: 1035	59 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2890	232 B
1	mktoresp.com 041-fsq-281.mktoresp.com	318 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 816	394 B
1	t.co t.co — Cisco Umbrella Rank: 663	377 B
1	google.de www.google.de — Cisco Umbrella Rank: 7528	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	255 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3274	54 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2709	255 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 787	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 811	17 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 552	295 B
1	marketo.com app-ab33.marketo.com — Cisco Umbrella Rank: 566781	67 KB
87	26

	Domain	Requested by
27	www.attackiq.com	go2.attackiq.com www.attackiq.com
7	b.6sc.co	www.attackiq.com
6	cdn.cookielaw.org	www.attackiq.com cdn.cookielaw.org
5	www.googletagmanager.com	www.attackiq.com www.googletagmanager.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	js.zi-scripts.com	go2.attackiq.com js.zi-scripts.com
3	s.adroll.com	go2.attackiq.com s.adroll.com www.attackiq.com
3	bat.bing.com	go2.attackiq.com bat.bing.com www.attackiq.com
3	use.fontawesome.com	www.attackiq.com use.fontawesome.com
2	ws.zoominfo.com	js.zi-scripts.com
2	munchkin.marketo.net	go2.attackiq.com munchkin.marketo.net
2	ml314.com	go2.attackiq.com ml314.com
1	app.qualified.com	js.qualified.com
1	vc.hotjar.io	script.hotjar.com
1	d.adroll.com	s.adroll.com
1	041-fsq-281.mktoresp.com	munchkin.marketo.net
1	script.hotjar.com	static.hotjar.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	analytics.twitter.com	www.attackiq.com
1	t.co	www.attackiq.com
1	px4.ads.linkedin.com	www.attackiq.com
1	www.linkedin.com	1 redirects
1	in.ml314.com	ml314.com
1	www.google.de	www.attackiq.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.qualified.com	www.googletagmanager.com
1	j.6sc.co	go2.attackiq.com
1	static.ads-twitter.com	go2.attackiq.com
1	snap.licdn.com	go2.attackiq.com
1	static.hotjar.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	app-ab33.marketo.com	www.attackiq.com
1	go2.attackiq.com
87	36

This site contains links to these domains. Also see Links.

Domain
portal.attackiqready.com
manage.attackiqready.com
academy.attackiq.com
www.facebook.com
twitter.com
www.linkedin.com
attackiq.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
go2.attackiq.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-01` - `2024-07-31`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
app-ab33.marketo.com Cloudflare Inc ECC CA-3	`2024-03-09` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-04` - `2024-06-27`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
6sc.co R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
qualified.com E1	`2024-03-11` - `2024-06-09`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-10-16` - `2024-11-12`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
app.qualified.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
zi-scripts.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
zoominfo.com E1	`2024-03-22` - `2024-06-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
Frame ID: E20326E3B245E8484D6E5A817EF9C3CF
Requests: 87 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/j1bgMw3UdfB6bHr6/messenger?uuid=4a776b70-572b-4f36-bd18-9ab19c302102
Frame ID: 2ACF255195C976931632FA8B2DBDD25B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Confronting Lazarus Group - MagicRAT and TigerRAT Campaign - AttackIQ

Page URL History Show full URLs

https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2... Page URL
https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWD... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

87
Requests

99 %
HTTPS

44 %
IPv6

26
Domains

36
Subdomains

33
IPs

5
Countries

1877 kB
Transfer

5671 kB
Size

29
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.attackiqready.com/flex-signup
Title: Sign-Up for Flex

Search URL Search Domain Scan URL

URL: https://manage.attackiqready.com/
Title: Login to Flex

Search URL Search Domain Scan URL

URL: https://academy.attackiq.com/
Title: Academy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Cyber%20Sorcery%3A%20Confronting%20Lazarus%20Group%20%26%238211%3B%20MagicRAT%20and%20TigerRAT%20Campaign&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F&via=AttackIQ

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F&title=Cyber%20Sorcery%3A%20Confronting%20Lazarus%20Group%20%26%238211%3B%20MagicRAT%20and%20TigerRAT%20Campaign&source=attackiq.com

Search URL Search Domain Scan URL

URL: https://attackiq.com/resources/
Title: Resources

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg= Page URL
https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D555570%26time%3D1712252120544%26li_adsId%3Dd930d065-fcb2-49e3-b154-076543eea4d8%26url%3Dhttps%253A%252F%252Fwww.attackiq.com%252F2024%252F04%252F04%252Fcyber-sorcery%252F%253Fmkt_tok%253DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&cookiesTest=true&liSync=true&e_ipv6=AQJra2CbHCsn6AAAAY6qLfFRYT8_gI1iQHL4E4fq5399c9CxWZrkynpoNBPrTNn5ehIpF_eK

87 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=
go2.attackiq.com/ 540 B
1 KB 793ms
289ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-JaSEUr6En+56rKy14O42CaVw1yxw2p39pKK3aGIe1a8=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 86f30ddbc98435b2-WAW
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-JaSEUr6En+56rKy14O42CaVw1yxw2p39pKK3aGIe1a8=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
content-type: text/html;charset=UTF-8
date: Thu, 04 Apr 2024 17:35:18 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: ec4fd298d9cf3098

GET
H2 200 Primary Request / Show response
www.attackiq.com/2024/04/04/cyber-sorcery/ 117 KB
22 KB 693ms
580ms Document
text/html 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK

Requested by

Host: go2.attackiq.com
URL: https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8c99344c9261f59655a467199807b96ebddfbbb83344c897a4a73468b97e41d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go2.attackiq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 86f30dde68d44d52-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Thu, 04 Apr 2024 17:35:19 GMT
link: <https://www.attackiq.com/wp-json/>; rel="https://api.w.org/" <https://www.attackiq.com/wp-json/wp/v2/posts/22147>; rel="alternate"; type="application/json" <https://www.attackiq.com/?p=22147>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
x-cache-status: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 137ms
52ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.attackiq.com
URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Apr 2024 17:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 7325
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Wed, 03 Apr 2024 02:08:10 GMT
server: cloudflare
etag: 0x8DC5382E914B008
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 232c4126-401e-0001-34e1-85665f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86f30de28a3a9219-FRA

GET
H2 200 style.min.css
www.attackiq.com/wp-includes/css/dist/block-library/ 108 KB
14 KB 63ms
60ms Stylesheet
text/css 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 91095
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 30 Jan 2024 23:16:54 GMT
server: cloudflare
etag: W/"65b98366-1ae43"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 86f30de20dcb4d52-FRA
expires: Thu, 03 Apr 2025 16:17:04 GMT

GET
H2 200 marketo.css
www.attackiq.com/wp-content/plugins/basis-marketo/lib/ 747 B
460 B 538ms
535ms Stylesheet
text/css 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/basis-marketo/lib/marketo.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd25436a214b803b3f67f8f6598bfc58007bcf8b641d102c5af4cfff8e2b961a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: public
last-modified: Wed, 14 Jun 2023 18:20:21 GMT
server: cloudflare
etag: W/"648a04e5-2eb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 86f30de20dcd4d52-FRA
expires: Fri, 04 Apr 2025 17:35:19 GMT

GET
H2 200 frontend.min.css
www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/css/ 102 KB
15 KB 62ms
59ms Stylesheet
text/css 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0d1ddb17510639cc14e2f251206d5c8984d85e23b8e7dc13438c81bf5ce985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 05 Mar 2024 11:23:33 GMT
server: cloudflare
etag: W/"65e700b5-19624"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 86f30de20dcf4d52-FRA
expires: Thu, 03 Apr 2025 08:58:31 GMT

GET
H2 200 flatpickr.min.css
www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 14 KB
3 KB 58ms
55ms Stylesheet
text/css 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 91095
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 05 Mar 2024 11:23:33 GMT
server: cloudflare
etag: W/"65e700b5-3601"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 86f30de20dd34d52-FRA
expires: Thu, 03 Apr 2025 16:17:04 GMT

GET
H2 200 select2.min.css
www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 64ms
61ms Stylesheet
text/css 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 05 Mar 2024 11:23:33 GMT
server: cloudflare
etag: W/"65e700b5-3a75"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 86f30de20dd54d52-FRA
expires: Thu, 03 Apr 2025 08:58:31 GMT

GET
H2 200 search-filter.min.css
www.attackiq.com/wp-content/plugins/search-filter-pro/public/assets/css/ 36 KB
6 KB 101ms
98ms Stylesheet
text/css 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c90d3c0b0e49b95857fbd4a60728451deb97ac4079be355467deac9ee7de4a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 91095
x-xss-protection: 1; mode=block
pragma: public
last-modified: Wed, 31 Jan 2024 17:07:30 GMT
server: cloudflare
etag: W/"65ba7e52-91f3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 86f30de20dd74d52-FRA
expires: Thu, 03 Apr 2025 16:17:04 GMT

GET
H2 200 app.0efb2e5f.css
www.attackiq.com/wp-content/themes/attackiq/dist/ 297 KB
50 KB 103ms
101ms Stylesheet
text/css 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/themes/attackiq/dist/app.0efb2e5f.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21a498c92235bcdedf2edfd6cd2f609b243d89ee25d9799ab0d0a149e3f6507

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 21 Sep 2023 15:10:11 GMT
server: cloudflare
etag: W/"650c5cd3-4a3e7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 86f30de20dd84d52-FRA
expires: Thu, 03 Apr 2025 08:58:31 GMT

GET
H2 200 jquery.min.js Show response
www.attackiq.com/wp-includes/js/jquery/ 86 KB
30 KB 64ms
62ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-includes/js/jquery/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 91095
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 04 Dec 2023 15:27:19 GMT
server: cloudflare
etag: W/"656defd7-15601"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de20dda4d52-FRA
expires: Thu, 03 Apr 2025 16:17:04 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.attackiq.com/wp-includes/js/jquery/ 13 KB
5 KB 103ms
102ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 19 Sep 2023 16:58:31 GMT
server: cloudflare
etag: W/"6509d337-3509"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de20ddb4d52-FRA
expires: Thu, 03 Apr 2025 08:58:31 GMT

GET
H2 200 flatpickr.min.js Show response
www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 49 KB
14 KB 102ms
100ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 05 Mar 2024 11:23:33 GMT
server: cloudflare
etag: W/"65e700b5-c5a4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de21ddc4d52-FRA
expires: Thu, 03 Apr 2025 08:58:31 GMT

GET
H2 200 select2.min.js Show response
www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
20 KB 103ms
102ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 05 Mar 2024 11:23:33 GMT
server: cloudflare
etag: W/"65e700b5-114c3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de24e234d52-FRA
expires: Thu, 03 Apr 2025 08:58:31 GMT

GET
H2 200 search-filter-build.min.js Show response
www.attackiq.com/wp-content/plugins/search-filter-pro/public/assets/js/ 64 KB
18 KB 104ms
102ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/search-filter-pro/public/assets/js/search-filter-build.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6d7d5a6953659e28738fb9908ebd2161bb9013afc50e0bb292af091184848a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Wed, 31 Jan 2024 17:07:30 GMT
server: cloudflare
etag: W/"65ba7e52-10084"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de24e264d52-FRA
expires: Thu, 03 Apr 2025 08:58:31 GMT

GET
H2 200 chosen.jquery.min.js Show response
www.attackiq.com/wp-content/plugins/search-filter-pro/public/assets/js/ 28 KB
7 KB 103ms
102ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Wed, 31 Jan 2024 17:07:30 GMT
server: cloudflare
etag: W/"65ba7e52-71c1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de24e294d52-FRA
expires: Thu, 03 Apr 2025 08:58:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
101 KB 283ms
128ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-KFGW4RR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adce214f0b737c2ec285a8c2b86dc742e75c6d2823140b6b8f5f2f3377141e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103235
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Apr 2024 17:35:20 GMT

GET
H2 200 2afbeace-befe-4a9c-b171-2050fe80651e.json Show response
cdn.cookielaw.org/consent/2afbeace-befe-4a9c-b171-2050fe80651e/ 3 KB
2 KB 140ms
59ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2afbeace-befe-4a9c-b171-2050fe80651e/2afbeace-befe-4a9c-b171-2050fe80651e.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acc3f32c5ef71ec50c2e0b2fb02e87a1a2b250cf3bde73b4bea6113ea5c6e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Apr 2024 17:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35
content-md5: 0FhYva+zrTxkUx2nvfYWzw==
content-length: 1344
x-ms-lease-status: unlocked
last-modified: Mon, 19 Apr 2021 09:39:40 GMT
server: cloudflare
etag: 0x8D903170DF198BF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2cb177e1-701e-0025-340a-7c90ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86f30de36bb292b1-FRA
expires: Fri, 05 Apr 2024 17:35:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 250 KB
89 KB 212ms
57ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VVNX5K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e10e929719515410cc61bca2e272e73772ee894d0d8b1deb3b0513ff6e05fbce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90325
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 16:59:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Apr 2024 17:35:20 GMT

GET
H2 200 generic-flex-chicklet.png
www.attackiq.com/wp-content/uploads/2023/11/ 160 KB
160 KB 920ms
920ms Image
image/png 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.attackiq.com/wp-content/uploads/2023/11/generic-flex-chicklet.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62bde4b2f163626889823026325930c7b964fb7cb8de75ede811be615755796f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 163702
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 02 Nov 2023 15:03:30 GMT
server: cloudflare
etag: "6543ba42-27f76"
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86f30de2fefc4d52-FRA
expires: Fri, 04 Apr 2025 17:35:19 GMT

GET
H2 200 col-usr-ms-2-150x150.png
www.attackiq.com/wp-content/uploads/2023/09/ 35 KB
35 KB 766ms
766ms Image
image/png 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.attackiq.com/wp-content/uploads/2023/09/col-usr-ms-2-150x150.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28d189dcfd3463ad3789aeb8d6e773cfc667dc0066e2e84ae8089316753a38ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 35878
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 07 Sep 2023 15:11:41 GMT
server: cloudflare
etag: "64f9e82d-8c26"
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86f30de2fefe4d52-FRA
expires: Fri, 04 Apr 2025 17:35:19 GMT

GET
H2 200 flex-white-stack-pad.svg
www.attackiq.com/wp-content/uploads/2023/11/ 7 KB
2 KB 546ms
543ms Image
image/svg+xml 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.attackiq.com/wp-content/uploads/2023/11/flex-white-stack-pad.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03d7f42f725dc803e375cd5ff750aae2a78ee42055b4eef706bad0ce0c393ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 02 Nov 2023 15:12:26 GMT
server: cloudflare
etag: W/"6543bc5a-1bc6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 86f30de58a404d52-FRA
expires: Fri, 04 Apr 2025 17:35:20 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
12 KB 220ms
59ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: www.attackiq.com
URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
Origin: https://www.attackiq.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 706717
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkcGDBlK5MsQrWuvAIgJz9TWDX%2FbCzJlU8k7NCwCJB1eQgECJ8a85D4lgCMmThaLE%2BcmCHj3ngkB3MuEYgkB2rlolpDmTZtedCmQ1sxzfHJk2mDhXyYpxGKL0Ob8G78%2Bb95HWhSpDBiQgC7494qk0gKx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 86f30de67ddb0216-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 forms2.min.js Show response
app-ab33.marketo.com/js/forms2/js/ 199 KB
67 KB 257ms
61ms Script
application/x-javascript 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab33.marketo.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 05 Mar 2024 19:24:48 GMT
server: cloudflare
age: 1004
etag: "1480933-31af8-612eecb9f6000"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 86f30de6ad808fc8-FRA
expires: Thu, 04 Apr 2024 21:35:20 GMT

GET
H2 200 marketo.js Show response
www.attackiq.com/wp-content/plugins/basis-marketo/lib/ 4 KB
1 KB 59ms
57ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/basis-marketo/lib/marketo.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f3a8e65ec78b77eb0ffa8a7cb3a18c4e0ef2f677e5dd1ec7deaaeadeacac473

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Wed, 14 Jun 2023 18:20:21 GMT
server: cloudflare
etag: W/"648a04e5-ee7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de58a434d52-FRA
expires: Thu, 03 Apr 2025 08:58:32 GMT

GET
H2 200 frontend.min.js Show response
www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/js/ 19 KB
4 KB 61ms
59ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bedfc6a1eccd45281b8c1a4b66af947f9944b7e750566c2268a4eb927ee2cdb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 05 Mar 2024 11:23:33 GMT
server: cloudflare
etag: W/"65e700b5-4ae9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de58a454d52-FRA
expires: Thu, 03 Apr 2025 08:58:32 GMT

GET
H2 200 core.min.js Show response
www.attackiq.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 60ms
58ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-includes/js/jquery/ui/core.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 102536
x-xss-protection: 1; mode=block
pragma: public
last-modified: Wed, 14 Jun 2023 19:52:27 GMT
server: cloudflare
etag: W/"648a1a7b-53be"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de58a484d52-FRA
expires: Thu, 03 Apr 2025 13:06:23 GMT

GET
H2 200 datepicker.min.js Show response
www.attackiq.com/wp-includes/js/jquery/ui/ 36 KB
11 KB 600ms
598ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-includes/js/jquery/ui/datepicker.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: public
last-modified: Wed, 14 Jun 2023 19:52:27 GMT
server: cloudflare
etag: W/"648a1a7b-8f79"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de58a4a4d52-FRA
expires: Fri, 04 Apr 2025 17:35:20 GMT

GET
H2 200 runtime.d925e6c1.js Show response
www.attackiq.com/wp-content/themes/attackiq/dist/ 2 KB
861 B 65ms
63ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/themes/attackiq/dist/runtime.d925e6c1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92352075ba806940563a09017ef43fd055a33d3f7f644b46dcf23a0d30a9190b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117407
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 21 Sep 2023 15:10:11 GMT
server: cloudflare
etag: W/"650c5cd3-613"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de58a4d4d52-FRA
expires: Thu, 03 Apr 2025 08:58:32 GMT

GET
H2 200 app.a7d8fd16.js Show response
www.attackiq.com/wp-content/themes/attackiq/dist/ 244 KB
74 KB 128ms
127ms Script
application/javascript 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/themes/attackiq/dist/app.a7d8fd16.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00f5f568802135cf1b7b320d33a89c3ec5496bbf82a47e19034c6d42a17d1e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 117408
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 21 Sep 2023 15:10:11 GMT
server: cloudflare
etag: W/"650c5cd3-3ced3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f30de58a524d52-FRA
expires: Thu, 03 Apr 2025 08:58:31 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 148ms
65ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 86f30de45cdf3731-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 61ms
61ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Apr 2024 17:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 84895
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 85065
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:31:04 GMT
server: cloudflare
etag: 0x8D910C57D52F14C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 710ae3a0-c01e-001f-75b5-0c8a87000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86f30de58df19219-FRA

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04240b2b6bc4f1f36112526e875ecc87928099a67d6aa207686acdeaa6c0160a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 417d9da66e84c787fa30e6c0880fe5b92a9828c75137241bdd24ce7ae80d6fce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 apercu-light-pro.2a2743b2.woff2
www.attackiq.com/wp-content/themes/attackiq/dist/fonts/ 45 KB
45 KB 776ms
775ms Font
font/woff2 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/themes/attackiq/dist/fonts/apercu-light-pro.2a2743b2.woff2

Requested by

Host: www.attackiq.com
URL: https://www.attackiq.com/wp-content/themes/attackiq/dist/app.0efb2e5f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52350d4cec6f6079a23d7da90051f81fbc32579529501285e1f1f168fa7a8e11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/wp-content/themes/attackiq/dist/app.0efb2e5f.css
Origin: https://www.attackiq.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-length: 45708
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 21 Sep 2023 15:10:11 GMT
server: cloudflare
etag: "650c5cd3-b28c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86f30de58a554d52-FRA
expires: Fri, 04 Apr 2025 17:35:20 GMT

GET
H2 200 Whyte-Regular.412d6af0.woff2
www.attackiq.com/wp-content/themes/attackiq/dist/fonts/ 44 KB
44 KB 795ms
794ms Font
font/woff2 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/themes/attackiq/dist/fonts/Whyte-Regular.412d6af0.woff2

Requested by

Host: www.attackiq.com
URL: https://www.attackiq.com/wp-content/themes/attackiq/dist/app.0efb2e5f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acb1007ab807eca533e1ee9349c8033b396f060a590b5d7e4853153d4dfd8abe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/wp-content/themes/attackiq/dist/app.0efb2e5f.css
Origin: https://www.attackiq.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-length: 45192
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 21 Sep 2023 15:10:11 GMT
server: cloudflare
etag: "650c5cd3-b088"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86f30de58a574d52-FRA
expires: Fri, 04 Apr 2025 17:35:20 GMT

GET
H2 200 apercu-mono-regular-pro.35b3e973.woff2
www.attackiq.com/wp-content/themes/attackiq/dist/fonts/ 35 KB
35 KB 754ms
754ms Font
font/woff2 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/themes/attackiq/dist/fonts/apercu-mono-regular-pro.35b3e973.woff2

Requested by

Host: www.attackiq.com
URL: https://www.attackiq.com/wp-content/themes/attackiq/dist/app.0efb2e5f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffd5f7087e0c2de523e020e87a885250d36cdc944ba494f1b0f410e2b05bdc73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/wp-content/themes/attackiq/dist/app.0efb2e5f.css
Origin: https://www.attackiq.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 36176
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 21 Sep 2023 15:10:11 GMT
server: cloudflare
etag: "650c5cd3-8d50"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86f30de58a584d52-FRA
expires: Fri, 04 Apr 2025 17:35:20 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/2afbeace-befe-4a9c-b171-2050fe80651e/430171c7-c998-4db2-af36-bcbbce45c76f/ 45 KB
9 KB 65ms
64ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2afbeace-befe-4a9c-b171-2050fe80651e/430171c7-c998-4db2-af36-bcbbce45c76f/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3373ad7158f2e4cb43fa622e592f0d11b9d5d0a22295a0137c2541f350e5c1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35
content-md5: h1xkZ1JgDsGL5wq3E2a4zw==
content-length: 8722
x-ms-lease-status: unlocked
last-modified: Mon, 19 Apr 2021 09:39:44 GMT
server: cloudflare
etag: 0x8D90317103C470C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5abc3cd5-701e-0035-6869-795597000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86f30de66e8c92b1-FRA
expires: Fri, 05 Apr 2024 17:35:20 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 12 KB
3 KB 50ms
50ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DKM3/i+7h7Fs8cEMor3s2A==
age: 35
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C572DA86E8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3a41c480-001e-0010-7612-15fceb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86f30de6ded992b1-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/ 47 KB
11 KB 51ms
51ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a082145419e862c11e82c8d58fdae1f5bb02c3175d93ce884793ac869994515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: S3H0HVpdA/Z6/RbJtrvCUQ==
age: 35
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11574
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:49 GMT
server: cloudflare
etag: 0x8D910C5747F0CDA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8540493b-401e-0001-23b6-71665f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86f30de6deda92b1-FRA

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 73 KB
73 KB 69ms
69ms Font
font/woff2 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin: https://www.attackiq.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1073955
alt-svc: h3=":443"; ma=86400
content-length: 74768
last-modified: Fri, 22 Sep 2023 01:45:57 GMT
server: cloudflare
etag: "5e2f92123d241cabecf0b289b9b08d4a"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NW4xDwrV2mQDm5kpHPmRIT8smXk1p5jZ0cCn%2B0a2tJ3HS%2BZjTc4JmuLbwvWGdA1PVzBM3VHdxLbnud1TNqD1pA8tMMBCsxJjKSnqcBGNk2HR%2FYiVnDCw88VZ09xIya3GcJWnufkShr8k%2Byp67UJ0gUFF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 86f30de6fe750216-CDG

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 73 KB
73 KB 123ms
123ms Font
font/woff2 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin: https://www.attackiq.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1839868
alt-svc: h3=":443"; ma=86400
content-length: 74256
last-modified: Fri, 22 Sep 2023 01:45:57 GMT
server: cloudflare
etag: "418dad87601f9c8abd0e5798c0dc1feb"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pz1vJH1%2FC890E5H4OVTvL%2Bk63SX7Bylf%2BEercyfY4FwzGPDGnYS1wBTeXBowRnrw9jib4DiHqvAQixZxGKMqr2KLG4gbyeCo8MHpcsC5ICSRQ%2FzU2a4rI3tntqcyMnCdQ%2BS2u6hgU%2B9Xn2eEshEr%2B7jt"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 86f30de6fe760216-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
100 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8NYXCHZ3PM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VVNX5K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

852197e69ceafadf743bd95bb82185de3f30776a9489d6384b6064fdbfef8615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102734
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Apr 2024 17:35:20 GMT

GET
H2 200 hotjar-3147235.js Show response
static.hotjar.com/c/ 9 KB
4 KB 327ms
96ms Script
application/javascript 65.9.95.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3147235.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VVNX5K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-86.prg50.r.cloudfront.net

Software

Resource Hash

4f44d67364ebba36026eb28740a2ca33de8495283999dae389727cc7b278c4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 04 Apr 2024 17:35:20 GMT
via: 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/4b3b39f3248c75ddd828e23e201fd3ce
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5DsoYY0ttcBU1SuGLrnsRx4Odd8SgCbVCvGSFGadEiVLb8gFfJQ7ww==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-862175634&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VVNX5K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b37a916a276b027318bf140c6f9663815a24b5833cabcb5511ad49b93c0d396a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87003
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 16:59:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Apr 2024 17:35:20 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 270ms
41ms Script
application/javascript 2a02:26f0:3500:16::215:1496
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: go2.attackiq.com
URL: https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1496 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Mar 2024 16:03:53 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=62701
accept-ranges: bytes
content-length: 17224

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 270ms
41ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: go2.attackiq.com
URL: https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220024-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 295ms
66ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: go2.attackiq.com
URL: https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 04 Apr 2024 17:35:20 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F6CC92AECA274A01BDDA670AC9D291D3 Ref B: FRA31EDGE0215 Ref C: 2024-04-04T17:35:20Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/YSZ4UUXZGBFNJCKYN2A5BV/ 109 KB
32 KB 267ms
42ms Script
text/javascript 2600:9000:2644:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/YSZ4UUXZGBFNJCKYN2A5BV/roundtrip.js
Requested by: Host: go2.attackiq.com
URL: https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf5b38d994a0ed1b52c7d8214199cecfda706157fe1d189935a4f2e8d808f203

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: RU6umeExUpsoUgMXI0mwh78h0cgq57Vp
Content-Encoding: gzip
Via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
Date: Thu, 04 Apr 2024 17:21:23 GMT
Age: 2371
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 03 Apr 2024 12:44:27 GMT
Server: AmazonS3
Etag: W/"0b50e38e76922fd7507732771bdbf38e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nMGLNSvbLEQtTJzd7zdNXIlKfmBPlxGwIpOlRPmBXKa4H95afbM8zg==

GET
H2 200 tag.aspx Show response
ml314.com/ 33 KB
11 KB 270ms
41ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?432024
Requested by: Host: go2.attackiq.com
URL: https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:10:33 GMT
via: 1.1 google
content-encoding: br
age: 1487
x-guploader-uploadid: ABPtcPrgnOv161R2fySA_zCk2YRtIQOH80Ap7a7azWwjMM6hIpq8R5ILddYktguw5A8idpGpjLl_q8XO_A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10617
last-modified: Tue, 19 Mar 2024 18:01:29 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1710871289439515
x-goog-hash: crc32c=HinCJA==, md5=x4MOkeS+jF0j70aOQ9M5fQ==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34224
accept-ranges: bytes

GET
H2 200 6si.min.js Show response
j.6sc.co/ 64 KB
18 KB 279ms
42ms Script
application/javascript 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: go2.attackiq.com
URL: https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2024 19:00:41 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65d799d9-101dd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17693
expires: Thu, 04 Apr 2024 17:35:20 GMT

GET
H2 200 qualified.js Show response
js.qualified.com/ 657 KB
160 KB 716ms
488ms Script
text/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=j1bgMw3UdfB6bHr6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VVNX5K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d662cd17c4edabe4a6605e477e1c6c81a0e9eae4a844f02a441c7deb665f3829

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: gzip
via: 1.1 spaces-router (devel)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: cb2fd8e1-d321-8be8-8110-98ec9764e0d8
pragma: no-cache
x-runtime: 0.030558
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d662cd17c4edabe4a6605e477e1c6c81"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 86f30de92b2e9b3f-FRA
expires: Thu, 04 Apr 2024 21:35:20 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 269ms
42ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: go2.attackiq.com
URL: https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 17:35:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
101 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-KFGW4RR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VVNX5K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b318512e85f8688d00eda7eea75c6fb5d29572c787158b01477d1191d06a33a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103186
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Apr 2024 17:35:20 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 247ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F05SB1HBT8&gtm=45Pe4410v9116878293za200&_p=1712252119485&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=986059712.1712252120&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1712252120&sct=1&seg=0&dl=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&dr=https%3A%2F%2Fgo2.attackiq.com%2F&dt=Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1635
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KFGW4RR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 17:35:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.attackiq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8NYXCHZ3PM&gtm=45je4410v899012907z879575729za200&_p=1712252119485&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=986059712.1712252120&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712252120&sct=1&seg=0&dl=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&dr=https%3A%2F%2Fgo2.attackiq.com%2F&dt=Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ&en=page_view&_fv=1&_ss=1&tfd=1770
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8NYXCHZ3PM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 17:35:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.attackiq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 151ms
50ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8NYXCHZ3PM&cid=986059712.1712252120&gtm=45je4410v899012907z879575729za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8NYXCHZ3PM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 17:35:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.attackiq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 146ms
65ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8NYXCHZ3PM&cid=986059712.1712252120&gtm=45je4410v899012907z879575729za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1294299128

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 17:35:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 43ms
43ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 17:35:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 13 Jul 2024 17:35:20 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
254 B 60ms
60ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=84130&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&pv=1712252120542_aovjgykag&bl=en-us&cb=7331150&return=&ht=&d=&dc=&si=1712252120542_aovjgykag&cid=&s=800x600&rp=https%3A%2F%2Fgo2.attackiq.com%2F&v=2.7.1.157
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?432024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 17:35:20 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 570ms
201ms Script
application/javascript 54.204.151.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=432024&v=2.7.1.157
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?432024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.151.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-151-223.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 17:35:20 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 05 Apr 2024 17:35:21 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fm...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fm...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D555570%26time%3D1712252120544%26li_adsId%3Dd930d065-fcb2-49e3-b154-076543eea4d8%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fm...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3F...

0
265 B

278ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&cookiesTest=true&liSync=true&e_ipv6=AQJra2CbHCsn6AAAAY6qLfFRYT8_gI1iQHL4E4fq5399c9CxWZrkynpoNBPrTNn5ehIpF_eK
Requested by: Host: www.attackiq.com
URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.attackiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Apr 2024 17:35:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 551D270447FE4D129C0A044B8C7229E9 Ref B: FRAEDGE1909 Ref C: 2024-04-04T17:35:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYVSMN6xHH4aRBQKL7HCA==

Redirect headers

date: Thu, 04 Apr 2024 17:35:20 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8FF5E684A95243A69621AF9C4CF1C140 Ref B: DUS30EDGE0916 Ref C: 2024-04-04T17:35:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=555570&time=1712252120544&li_adsId=d930d065-fcb2-49e3-b154-076543eea4d8&url=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&cookiesTest=true&liSync=true&e_ipv6=AQJra2CbHCsn6AAAAY6qLfFRYT8_gI1iQHL4E4fq5399c9CxWZrkynpoNBPrTNn5ehIpF_eK
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYVSMN2fOVFRRCnV0rxyQ==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 227ms
142ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6da1f63a-29b0-4f81-b739-9f33aca99276&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8afe56f9-1725-44c6-945c-ed775b65ad5c&tw_document_href=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzg3c&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 102
date: Thu, 04 Apr 2024 17:35:20 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 08b20875a8cfe496
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 515ea13d05071dd84ef4524b64feb063e7de99eee90ef180651b4b7079cd975f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 397ms
226ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6da1f63a-29b0-4f81-b739-9f33aca99276&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8afe56f9-1725-44c6-945c-ed775b65ad5c&tw_document_href=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzg3c&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 186
date: Thu, 04 Apr 2024 17:35:20 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6dad80d4b1afdcc2
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 1830f3b193e0e41e71abede27a6c2e5e0084612c26e2476e499b134ece20696c
content-length: 43

GET
H2 204 56239791.js Show response
bat.bing.com/p/action/ 0
118 B 144ms
144ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56239791.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 04 Apr 2024 17:35:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F7BD2E54B83429487A2A8D10F10C481 Ref B: FRA31EDGE0215 Ref C: 2024-04-04T17:35:20Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 62ms
62ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56239791&Ver=2&mid=62818c39-4293-48b2-b466-38f9eafb9169&sid=b59fab60f2a911eeb2a287946ca43471&vid=b59fbd60f2a911ee91c4d7bb86ab516b&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ&p=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&r=https%3A%2F%2Fgo2.attackiq.com%2F&lt=1890&evt=pageLoad&sv=1&rn=838231

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Apr 2024 17:35:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 58EC02C1D995455AB467703153A31B09 Ref B: FRA31EDGE0215 Ref C: 2024-04-04T17:35:20Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
194 B 58ms
40ms XHR
text/html 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.attackiq.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
311 B 207ms
41ms XHR
text/html 2a02:26f0:ab00::214:8e70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9ca5a1cdf97cb07f4a1c6d032fc4fb26ed02c8334f2baa6daf81f70b7fd0dc52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 17:35:20 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.attackiq.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::10
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712252120651_34901612_543990993_24_713_39_104_219";dur=1
content-length: 20
expires: Thu, 04 Apr 2024 17:35:20 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 249ms
232ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=null&visitor=83bf566d-9a18-4a7b-8e99-2e1e06ce5bb9&session=b23c7a6c-1298-4bfb-85cc-ebdafa4dd0cb&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2004%20Apr%202024%2017%3A35%3A20%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Delve%20into%20MagicRAT%27s%20emergence%2C%20Lazarus%20Group%27s%20tactics%20shift%20to%20TigerRAT.%20Safeguard%20strategies%20with%20AttackIQ%20Flex%20for%20robust%20cyber%20defense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ%22%7D&cb=&r=https%3A%2F%2Fgo2.attackiq.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&pageViewId=f673ea6d-ec01-49e9-8f1c-ed9ef14281ba&v=1.1.15

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 245ms
231ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=null&visitor=83bf566d-9a18-4a7b-8e99-2e1e06ce5bb9&session=b23c7a6c-1298-4bfb-85cc-ebdafa4dd0cb&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20Apr%202024%2017%3A35%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22fa8937fd4032c8e3c2a2ce1d4dadc7af%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20Apr%202024%2017%3A35%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20Apr%202024%2017%3A35%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Delve%20into%20MagicRAT%27s%20emergence%2C%20Lazarus%20Group%27s%20tactics%20shift%20to%20TigerRAT.%20Safeguard%20strategies%20with%20AttackIQ%20Flex%20for%20robust%20cyber%20defense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ%22%7D&cb=&r=https%3A%2F%2Fgo2.attackiq.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&pageViewId=f673ea6d-ec01-49e9-8f1c-ed9ef14281ba&v=1.1.15

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 modules.4bbac2bdc7f1b66d3009.js Show response
script.hotjar.com/ 221 KB
55 KB 198ms
45ms Script
application/javascript 18.65.39.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4bbac2bdc7f1b66d3009.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3147235.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-5.ams1.r.cloudfront.net

Software

Resource Hash

261e44bd5998183c1bde239149a4be112fd5afd76c1efb12da82f24cf20561d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 12:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 189614
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55706
last-modified: Tue, 02 Apr 2024 12:54:16 GMT
etag: "d8eecaf9ad4fc4bf64b1230f03df9166"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: U1RkTfSED0NEQ4lXlADZPX4I6eUSfCRoZH7mHR6t6fQt8f1JHcZH9A==

POST
H/1.1 200
OK visitWebPage
041-fsq-281.mktoresp.com/webevents/ 2 B
318 B 636ms
166ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://041-fsq-281.mktoresp.com/webevents/visitWebPage?_mchNc=1712252120587&_mchCn=&_mchId=041-FSQ-281&_mchTk=_mch-attackiq.com-1712252120587-54571&mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&_mchHo=www.attackiq.com&_mchPo=&_mchRu=%2F2024%2F04%2F04%2Fcyber-sorcery%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fgo2.attackiq.com%2F&_mchQp=mkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 17:35:21 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 238b625e-d658-4081-bad4-89ff13ef0745

GET
H2 200 YSZ4UUXZGBFNJCKYN2A5BV Show response
d.adroll.com/consent/check/ 482 B
575 B 172ms
57ms Script
application/javascript 2a05:d018:cc3:fe05:fb0f:ae03:e39:849d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/YSZ4UUXZGBFNJCKYN2A5BV?pv=57969226563.281586&arrfrr=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&_s=f42ad6fe8cafd2c681a72faf5798205e&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/YSZ4UUXZGBFNJCKYN2A5BV/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:fb0f:ae03:e39:849d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: f3ad47c17d7a3be46f8e0f8a43887410419069238488ed969e72bccb9db86a6b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
server: nginx/1.22.1
content-length: 482
content-type: application/javascript

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 231ms
231ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=null&visitor=83bf566d-9a18-4a7b-8e99-2e1e06ce5bb9&session=b23c7a6c-1298-4bfb-85cc-ebdafa4dd0cb&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A10%22%7D&isIframe=false&m=%7B%22description%22%3A%22Delve%20into%20MagicRAT%27s%20emergence%2C%20Lazarus%20Group%27s%20tactics%20shift%20to%20TigerRAT.%20Safeguard%20strategies%20with%20AttackIQ%20Flex%20for%20robust%20cyber%20defense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ%22%7D&cb=&r=https%3A%2F%2Fgo2.attackiq.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&pageViewId=f673ea6d-ec01-49e9-8f1c-ed9ef14281ba&v=1.1.15

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:20 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 3147235 Show response
vc.hotjar.io/sessions/ 0
232 B 181ms
67ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3147235?s=0.25&r=0.11176435325939482
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4bbac2bdc7f1b66d3009.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 17:35:20 GMT
cache-control: no-store
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: OvcuSsBPdmhZhgE7WRUNVTdTGIr1fTGHPElaZR__pYykf1wFum7FwQ==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 413 KB
83 KB 40ms
40ms Script
text/javascript 2600:9000:2644:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/YSZ4UUXZGBFNJCKYN2A5BV/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ec093226dbb4c5f2767562378e80a955db377003a72f5ff70cd65040983090f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: E8Xqd_XzP1xGQPgJ2rRArNdUFnSvN3pa
Content-Encoding: gzip
Via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
Date: Thu, 04 Apr 2024 17:34:30 GMT
Age: 51
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 08 Feb 2024 21:46:10 GMT
Server: AmazonS3
Etag: W/"e1dc09168683fa834f599c01bb66de29"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: UAPuwVYl5qREqP9NS6yS__mBdbrn24F5-E-Dvq2E_9LPlUSQCyJX3w==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 40ms
40ms Image
image/png 2600:9000:2644:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: www.attackiq.com
URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Wed, 03 Apr 2024 21:53:35 GMT
Via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
Age: 79886
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: mN0mYelzhF1_XQ5YGNZA3BvIQfhTHwUJrIPmshBkktlHHl8NXbuBbw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 345ms
345ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=null&visitor=83bf566d-9a18-4a7b-8e99-2e1e06ce5bb9&session=b23c7a6c-1298-4bfb-85cc-ebdafa4dd0cb&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Apr%202024%2017%3A35%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Apr%202024%2017%3A35%3A20%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Delve%20into%20MagicRAT%27s%20emergence%2C%20Lazarus%20Group%27s%20tactics%20shift%20to%20TigerRAT.%20Safeguard%20strategies%20with%20AttackIQ%20Flex%20for%20robust%20cyber%20defense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ%22%7D&cb=&r=https%3A%2F%2Fgo2.attackiq.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&pageViewId=f673ea6d-ec01-49e9-8f1c-ed9ef14281ba&v=1.1.15

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:21 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
197 B 191ms
191ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.attackiq.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 66819BE262D4455EB424354158181A4E Ref B: DUS30EDGE0916 Ref C: 2024-04-04T17:35:21Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.attackiq.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYVSMN9qxkRGyL89EEF0A==

GET
H/1.1 200
OK messenger
app.qualified.com/w/1/j1bgMw3UdfB6bHr6/ Frame 2ACF 0
0 423ms
143ms Document
text/html 54.197.89.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/j1bgMw3UdfB6bHr6/messenger?uuid=4a776b70-572b-4f36-bd18-9ab19c302102

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=j1bgMw3UdfB6bHr6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.197.89.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-89-129.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.attackiq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1687
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Apr 2024 17:35:22 GMT
Etag: W/"54a6122ae9fba9ebb91128223b5e884b"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (devel)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 85fcbe73-02a6-5e1f-a3ce-1a288238ee62
X-Runtime: 0.023817
X-Xss-Protection: 1; mode=block

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 261ms
260ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=null&visitor=83bf566d-9a18-4a7b-8e99-2e1e06ce5bb9&session=b23c7a6c-1298-4bfb-85cc-ebdafa4dd0cb&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Apr%202024%2017%3A35%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Apr%202024%2017%3A35%3A21%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%222002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Delve%20into%20MagicRAT%27s%20emergence%2C%20Lazarus%20Group%27s%20tactics%20shift%20to%20TigerRAT.%20Safeguard%20strategies%20with%20AttackIQ%20Flex%20for%20robust%20cyber%20defense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ%22%7D&cb=&r=https%3A%2F%2Fgo2.attackiq.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&pageViewId=f673ea6d-ec01-49e9-8f1c-ed9ef14281ba&v=1.1.15

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 243ms
170ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: go2.attackiq.com
URL: https://go2.attackiq.com/MDQxLUZTUS0yODEAAAGSSRXQ3r5fzRYgXpHRCtEENNAySQZiaTK7YDEAiu1TPezZ57FsTzcLn0L2_b_FuZqZG5UC3zg=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8204005ed25e30f3ee56dbad3afa3c011e12636e75decf2b1aaf22a1c326dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:23 GMT
x-amz-version-id: jWuK40m0MUEUayB9sycJH0u7f85X3F2r
via: 1.1 53b78bb37a3b7dde02cd3fe6dc4748ec.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-cf-pop: BAH53-C1
age: 37966
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 07:02:18 GMT
server: cloudflare
etag: W/"2cd903354c7c864dbd543d268219ef1d"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 86f30df84a67aca9-TXL
x-amz-cf-id: NiPRyBGKeUpPqnGpATDq0wlYNmvs07ER3gO5Yd4tPg5nF7OpCplodw==

GET
H2 200 favicon.ico
www.attackiq.com/wp-content/uploads/2020/08/ 17 KB
1 KB 525ms
525ms Other
image/x-icon 2606:4700:10::6816:3d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.attackiq.com/wp-content/uploads/2020/08/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ffdcb1041c61f4aa9fddc86c7f03b6686f5bbff73724343517bd4c002a81da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:23 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 25 Feb 2022 17:57:15 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6219187b-443e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 86f30df7ea054d52-FRA
x-xss-protection: 1; mode=block

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 146 B
517 B 228ms
227ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cc1bb3a1f4a09b43ef70c54c4d20cfe2d8b10a96f8a8c3091d130c69ef3f9c9f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer 0c44cd781a1684520066
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.attackiq.com/
visited_url: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK

Response headers

date: Thu, 04 Apr 2024 17:35:23 GMT
via: 1.1 58c4087ee7253768e2670cf3ebe54ce2.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: WAW51-P3
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: VtiyZgyPPHcESeQ=
server: cloudflare
etag: W/"92-Hpan4gDH5B9xCuiWB0pw2ZljOTQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 86f30dfd69743551-WAW
x-amz-cf-id: _bJRtTmRA7hZMsG9uWL4XmUOQLr_C-LK2Xm-lqBJfRPi5pDi8kF5GA==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 644ms
545ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.attackiq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
apigw-requestid: VtiyXhU-PHcEPGw=
cf-cache-status: DYNAMIC
cf-ray: 86f30dfa0b2a3551-WAW
date: Thu, 04 Apr 2024 17:35:23 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront)
x-amz-cf-id: VXLJWX5ZjF0wKWQbiAruH1w-OinFh74ACfo4mWi3HOY2J3KBME7sOA==
x-amz-cf-pop: WAW51-P3
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 245ms
244ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=null&visitor=83bf566d-9a18-4a7b-8e99-2e1e06ce5bb9&session=b23c7a6c-1298-4bfb-85cc-ebdafa4dd0cb&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Apr%202024%2017%3A35%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Apr%202024%2017%3A35%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Delve%20into%20MagicRAT%27s%20emergence%2C%20Lazarus%20Group%27s%20tactics%20shift%20to%20TigerRAT.%20Safeguard%20strategies%20with%20AttackIQ%20Flex%20for%20robust%20cyber%20defense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ%22%7D&cb=&r=https%3A%2F%2Fgo2.attackiq.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&pageViewId=f673ea6d-ec01-49e9-8f1c-ed9ef14281ba&v=1.1.15

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/65c51ac72a1e88c4e25ffd47/ 3 KB
2 KB 456ms
359ms Fetch
text/javascript 104.16.136.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/65c51ac72a1e88c4e25ffd47/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

269df81f8fec8a141abe805ac30a96f27decec54af596345a6b0bced9d348a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/javascript
visited-url: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
Referer: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK
_vtok: ODAuMjU1LjcuMTAy
_zitok: 1b52559bf5d10abc28891712252123
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.attackiq.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 86f30e01bef334ee-WAW

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/65c51ac72a1e88c4e25ffd47/ Frame 0
0 357ms
244ms Preflight
text/html 104.16.136.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/65c51ac72a1e88c4e25ffd47/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.attackiq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.attackiq.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86f30dff9bd934f8-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 04 Apr 2024 17:35:24 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 232ms
232ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=null&visitor=83bf566d-9a18-4a7b-8e99-2e1e06ce5bb9&session=b23c7a6c-1298-4bfb-85cc-ebdafa4dd0cb&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Apr%202024%2017%3A35%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Apr%202024%2017%3A35%3A23%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Delve%20into%20MagicRAT%27s%20emergence%2C%20Lazarus%20Group%27s%20tactics%20shift%20to%20TigerRAT.%20Safeguard%20strategies%20with%20AttackIQ%20Flex%20for%20robust%20cyber%20defense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Confronting%20Lazarus%20Group%20-%20MagicRAT%20and%20TigerRAT%20Campaign%20-%20AttackIQ%22%7D&cb=&r=https%3A%2F%2Fgo2.attackiq.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&pageViewId=f673ea6d-ec01-49e9-8f1c-ed9ef14281ba&v=1.1.15

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.attackiq.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:35:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go2.attackiq.com/	1970-01-20 19:37:33	Name: __cf_bm Value: IPnJ0IOtnBlrlPaII.V4FEtJCFZz6lyUlGxF7i09vVk-1712252118-1.0.1.1-DMYEQVN5vC7_5geyU9qtsUpR9lusBODx2goyhoLVRz.pgO9Vxy_EkaIiybsVH6mW86fSTZkLu_F7ubl9xuiEUQ
.app-ab33.marketo.com/	1970-01-20 19:37:33	Name: __cf_bm Value: BUd9DlRfPjMa7QjrsDJa6U00JfwWIQgCg1sFw.dH_ck-1712252120-1.0.1.1-IEaMis.m6CMdjQEoIJX.XQwVrvAbY0bCpYTBUTryn5MoAyuHiwvsZMP_eBePSPQ36M2TBBBTI7CfN.aWy32_zg
.attackiq.com/	1970-01-20 21:47:08	Name: _gcl_au Value: 1.1.191658050.1712252120
.attackiq.com/	1970-01-21 05:13:32	Name: _ga_F05SB1HBT8 Value: GS1.1.1712252120.1.0.1712252120.0.0.0
.attackiq.com/	1970-01-21 05:13:32	Name: _ga Value: GA1.1.986059712.1712252120
.attackiq.com/	1970-01-21 05:13:32	Name: _ga_8NYXCHZ3PM Value: GS1.1.1712252120.1.0.1712252120.60.0.0
.attackiq.com/	1970-01-21 04:23:08	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Apr+04+2024+19%3A35%3A20+GMT%2B0200+(Central+European+Summer+Time)&version=6.16.0&hosts=&landingPath=https%3A%2F%2Fwww.attackiq.com%2F2024%2F04%2F04%2Fcyber-sorcery%2F%3Fmkt_tok%3DMDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.attackiq.com/	1970-01-20 19:38:58	Name: _uetsid Value: b59fab60f2a911eeb2a287946ca43471
.attackiq.com/	1970-01-21 04:59:08	Name: _uetvid Value: b59fbd60f2a911ee91c4d7bb86ab516b
www.attackiq.com/	1970-01-21 05:13:32	Name: _gd_visitor Value: 83bf566d-9a18-4a7b-8e99-2e1e06ce5bb9
www.attackiq.com/	1970-01-20 19:37:46	Name: _gd_session Value: b23c7a6c-1298-4bfb-85cc-ebdafa4dd0cb
.attackiq.com/	1970-01-21 05:13:32	Name: _mkto_trk Value: id:041-FSQ-281&token:_mch-attackiq.com-1712252120587-54571
.bing.com/	1970-01-21 04:59:08	Name: MUID Value: 150D0618B085657D1B94124FB10E648B
.t.co/	1970-01-21 05:13:32	Name: muc_ads Value: 55aba0b7-9c92-4a86-92ae-f07c45308ac8
.attackiq.com/	1970-01-21 04:23:08	Name: _hjSessionUser_3147235 Value: eyJpZCI6IjVhOTQ5ZTE1LTg3ZjUtNTczNS1hNWFmLTg5NzI1ZmUwYjNhYiIsImNyZWF0ZWQiOjE3MTIyNTIxMjA4NDUsImV4aXN0aW5nIjpmYWxzZX0=
.attackiq.com/	1970-01-20 19:37:33	Name: _hjSession_3147235 Value: eyJpZCI6IjliMzY1N2I3LTg3OTctNGJiZS04ZTUxLWFhYmNiZjg4Mjg3MiIsImMiOjE3MTIyNTIxMjA4NDUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.linkedin.com/	1970-01-20 21:47:08	Name: li_sugr Value: 77517085-3624-4bf8-802f-0abda0af0225
.linkedin.com/	1970-01-21 04:23:08	Name: bcookie Value: "v=2&94031bc7-1139-40e3-8ed2-a734806592a0"
.linkedin.com/	1970-01-20 19:38:58	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3360:u=1:x=1:i=1712252120:t=1712338520:v=2:sig=AQFJLcjekK2xS6c_bv5jYg-rPxm9Zo8I"
.twitter.com/	1970-01-21 05:13:32	Name: personalization_id Value: "v1_7BH7/AUiAJuYkZC4Q8QLPw=="
.6sc.co/	1970-01-21 05:13:32	Name: 6suuid Value: bd6411022ea90000d8e40e66e203000017e26c00
.linkedin.com/	1970-01-20 20:20:44	Name: UserMatchHistory Value: AQLo9hxeWLSlYAAAAY6qLe_A13lCjVXthaWHGQdNk8NHYEjqOqCJXAQslDWgUwdMD-qvGn7VStunRQ
.linkedin.com/	1970-01-20 20:20:44	Name: AnalyticsSyncHistory Value: AQKPbMFaG60GhQAAAY6qLe_AxvOJXZ6ZmKGr7_MgotYknfEFVY7baDj57ILoHuISv3lzQgylUiUTyelLsmV6pw
.attackiq.com/	1970-01-21 05:13:32	Name: __q_state_j1bgMw3UdfB6bHr6 Value: eyJ1dWlkIjoiNGE3NzZiNzAtNTcyYi00ZjM2LWJkMTgtOWFiMTljMzAyMTAyIiwiY29va2llRG9tYWluIjoiYXR0YWNraXEuY29tIn0=
.www.linkedin.com/	1970-01-21 04:23:08	Name: bscookie Value: "v=1&20240404173521e42e8891-e5b6-4ed0-8072-6593c60d59dcAQEbZrRguNQ7agnewNWJuq_bvmRy18SB"
.linkedin.com/	1970-01-20 23:56:44	Name: li_gc Value: MTswOzE3MTIyNTIxMjE7MjswMjGpAXEwYyolooL8IAUj/KBJWSDXBiaaTJKliRUcmarAZA==
.www.attackiq.com/	1970-01-21 04:23:08	Name: _zitok Value: 1b52559bf5d10abc28891712252123
.zoominfo.com/	1970-01-20 19:37:33	Name: __cf_bm Value: UFwrl__xKHBJ3tXvMY8DMZX7n2F.UpBjsq43H0WlKnA-1712252124-1.0.1.1-DE7qFNyLDLjhIdJHTw15GRNy1jk1CytFxZE9NTxNkjTCLtGUSOfxTaM_VC81qR7PV2LxWMHGYACt3V1pd91hXg
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Uzpzcrpr0_yAEKhROq03to4N5DijHqekqZ71k9bHJiA-1712252124745-0.0.1.1-604800000

58 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.attackiq.com/2024/04/04/cyber-sorcery/?mkt_tok=MDQxLUZTUS0yODEAAAGSSRXQ3r5w1eagBc9AkMKbWDLfiOcnsBhzDUd-k8PA7tsiZic6TnKLnb4vK6ltcDqP4k582-kZtdhav_Dv99DXgE3nAKgOWZq24GrHAjufFdrK Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-JaSEUr6En+56rKy14O42CaVw1yxw2p39pKK3aGIe1a8=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

041-fsq-281.mktoresp.com
analytics.twitter.com
app-ab33.marketo.com
app.qualified.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.cookielaw.org
d.adroll.com
geolocation.onetrust.com
go2.attackiq.com
in.ml314.com
ipv6.6sc.co
j.6sc.co
js.qualified.com
js.zi-scripts.com
ml314.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s.adroll.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
use.fontawesome.com
vc.hotjar.io
ws.zoominfo.com
www.attackiq.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.16.136.15
104.16.96.80
104.17.70.206
104.244.42.197
104.244.42.67
13.107.42.14
142.250.185.195
146.75.120.157
172.64.150.44
18.65.39.5
18.66.112.110
192.28.144.124
2.17.100.193
2001:4860:4802:32::36
2600:9000:2644:9200:6:9280:1080:93a1
2606:4700:10::6816:3d59
2606:4700:4400::6812:2089
2606:4700::6812:1105
2606:4700::6813:b234
2606:4700:e6::ac40:ce26
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:81d::2008
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:1496
2a02:26f0:ab00::214:8e70
2a05:d018:cc3:fe05:fb0f:ae03:e39:849d
34.117.77.79
54.197.89.129
54.204.151.223
65.9.95.86
88.221.60.75
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
04240b2b6bc4f1f36112526e875ecc87928099a67d6aa207686acdeaa6c0160a
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
1b318512e85f8688d00eda7eea75c6fb5d29572c787158b01477d1191d06a33a
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
261e44bd5998183c1bde239149a4be112fd5afd76c1efb12da82f24cf20561d4
269df81f8fec8a141abe805ac30a96f27decec54af596345a6b0bced9d348a7c
28d189dcfd3463ad3789aeb8d6e773cfc667dc0066e2e84ae8089316753a38ab
3373ad7158f2e4cb43fa622e592f0d11b9d5d0a22295a0137c2541f350e5c1b4
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
3bedfc6a1eccd45281b8c1a4b66af947f9944b7e750566c2268a4eb927ee2cdb
3ec093226dbb4c5f2767562378e80a955db377003a72f5ff70cd65040983090f
417d9da66e84c787fa30e6c0880fe5b92a9828c75137241bdd24ce7ae80d6fce
4acc3f32c5ef71ec50c2e0b2fb02e87a1a2b250cf3bde73b4bea6113ea5c6e55
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f3a8e65ec78b77eb0ffa8a7cb3a18c4e0ef2f677e5dd1ec7deaaeadeacac473
4f44d67364ebba36026eb28740a2ca33de8495283999dae389727cc7b278c4a9
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
52350d4cec6f6079a23d7da90051f81fbc32579529501285e1f1f168fa7a8e11
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
62bde4b2f163626889823026325930c7b964fb7cb8de75ede811be615755796f
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
852197e69ceafadf743bd95bb82185de3f30776a9489d6384b6064fdbfef8615
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
8c0d1ddb17510639cc14e2f251206d5c8984d85e23b8e7dc13438c81bf5ce985
8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3
8c90d3c0b0e49b95857fbd4a60728451deb97ac4079be355467deac9ee7de4a4
92352075ba806940563a09017ef43fd055a33d3f7f644b46dcf23a0d30a9190b
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
9a082145419e862c11e82c8d58fdae1f5bb02c3175d93ce884793ac869994515
9ca5a1cdf97cb07f4a1c6d032fc4fb26ed02c8334f2baa6daf81f70b7fd0dc52
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb1007ab807eca533e1ee9349c8033b396f060a590b5d7e4853153d4dfd8abe
adce214f0b737c2ec285a8c2b86dc742e75c6d2823140b6b8f5f2f3377141e6f
b37a916a276b027318bf140c6f9663815a24b5833cabcb5511ad49b93c0d396a
b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bf5b38d994a0ed1b52c7d8214199cecfda706157fe1d189935a4f2e8d808f203
c21a498c92235bcdedf2edfd6cd2f609b243d89ee25d9799ab0d0a149e3f6507
c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43
c8c99344c9261f59655a467199807b96ebddfbbb83344c897a4a73468b97e41d
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc1bb3a1f4a09b43ef70c54c4d20cfe2d8b10a96f8a8c3091d130c69ef3f9c9f
d00f5f568802135cf1b7b320d33a89c3ec5496bbf82a47e19034c6d42a17d1e1
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d662cd17c4edabe4a6605e477e1c6c81a0e9eae4a844f02a441c7deb665f3829
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd25436a214b803b3f67f8f6598bfc58007bcf8b641d102c5af4cfff8e2b961a
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
e03d7f42f725dc803e375cd5ff750aae2a78ee42055b4eef706bad0ce0c393ac
e10e929719515410cc61bca2e272e73772ee894d0d8b1deb3b0513ff6e05fbce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ffdcb1041c61f4aa9fddc86c7f03b6686f5bbff73724343517bd4c002a81da
e6d7d5a6953659e28738fb9908ebd2161bb9013afc50e0bb292af091184848a7
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f3ad47c17d7a3be46f8e0f8a43887410419069238488ed969e72bccb9db86a6b
fa8204005ed25e30f3ee56dbad3afa3c011e12636e75decf2b1aaf22a1c326dd
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ffd5f7087e0c2de523e020e87a885250d36cdc944ba494f1b0f410e2b05bdc73

www.attackiq.com Open in urlscan Pro 2606:4700:10::6816:3d59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

99 %HTTPS

44 %IPv6

26 Domains

36 Subdomains

33 IPs

5 Countries

1877 kBTransfer

5671 kBSize

29 Cookies

9 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.attackiq.com Open in urlscan Pro
2606:4700:10::6816:3d59 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

99 %
HTTPS

44 %
IPv6

26
Domains

36
Subdomains

33
IPs

5
Countries

1877 kB
Transfer

5671 kB
Size

29
Cookies

87 HTTP transactions
3 data transactions