securityintelligence.com Open in urlscan Pro
2606:4700:3033::ac43:86d6  Public Scan

Submitted URL: http://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Effective URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Submission: On November 06 via api from DE — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 346 HTTP transactions. The main IP is 2606:4700:3033::ac43:86d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityintelligence.com. The Cisco Umbrella rank of the primary domain is 539134.
TLS certificate: Issued by E1 on October 5th 2023. Valid for: 3 months.
This is the only time securityintelligence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
266 s81c.com
1.www.s81c.com — Cisco Umbrella Rank: 37114
2 MB
33 securityintelligence.com
securityintelligence.com — Cisco Umbrella Rank: 539134
780 KB
14 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
222 KB
9 gstatic.com
fonts.gstatic.com
177 KB
6 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3316
43 KB
5 welcomesoftware.com
images-cdn.welcomesoftware.com — Cisco Umbrella Rank: 307353
2 MB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 903
46 KB
3 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1253
94 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 ibm.com
www-api.ibm.com — Cisco Umbrella Rank: 57748
2 KB
1 newscred.com
analytics.newscred.com — Cisco Umbrella Rank: 72223
8 KB
346 12
Domain Requested by
266 1.www.s81c.com securityintelligence.com
33 securityintelligence.com 1 redirects securityintelligence.com
14 cdn.ampproject.org securityintelligence.com
cdn.ampproject.org
9 fonts.gstatic.com fonts.googleapis.com
6 consent.trustarc.com tags.tiqcdn.com
consent.trustarc.com
5 images-cdn.welcomesoftware.com securityintelligence.com
4 unpkg.com 2 redirects securityintelligence.com
3 tags.tiqcdn.com 1.www.s81c.com
tags.tiqcdn.com
3 fonts.googleapis.com securityintelligence.com
2 www.google-analytics.com analytics.newscred.com
www.google-analytics.com
1 www-api.ibm.com 1.www.s81c.com
1 analytics.newscred.com securityintelligence.com
346 12
Subject Issuer Validity Valid
securityintelligence.com
E1
2023-10-05 -
2024-01-03
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
www.ibm.com
GeoTrust RSA CA 2018
2023-07-20 -
2024-07-19
a year crt.sh
*.welcomesoftware.com
Amazon RSA 2048 M02
2023-01-24 -
2024-02-22
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01
2023-04-18 -
2024-05-17
a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02
2023-04-17 -
2024-05-14
a year crt.sh

This page contains 2 frames:

Primary Page: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Frame ID: 253C3486B878BD6B7321209186A851BF
Requests: 365 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Frame ID: 2C7EA76BEC6D142ED9107CD0A9551A8A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Hive0051’s large scale malicious operations enabled by synchronized multi-channel DNS fluxingsi-icon-eightbarfeature

Page URL History Show full URLs

  1. http://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/ HTTP 301
    https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

346
Requests

99 %
HTTPS

82 %
IPv6

12
Domains

12
Subdomains

12
IPs

2
Countries

5003 kB
Transfer

17335 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/ HTTP 301
    https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@11.0.3/swiper-bundle.min.js
Request Chain 27
  • https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@11.0.3/swiper-bundle.min.css

346 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Redirect Chain
  • http://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
  • https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
205 KB
42 KB
Document
General
Full URL
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
618ebe62abd4e143384d9e917238cfad242be40e90290a4aa9f8e7f8b0c1e93d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
42
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
cf-cache-status
HIT
cf-ray
821ce4cbb8ca5d7b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 11:11:05 GMT
expires
Mon, 06 Nov 2023 11:11:23 GMT
last-modified
Mon, 06 Nov 2023 11:10:23 GMT
link
<https://securityintelligence.com/wp-json/>; rel="https://api.w.org/", <https://securityintelligence.com/wp-json/wp/v2/xforce/446595>; rel="alternate"; type="application/json", <https://securityintelligence.com/?p=446595>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmVyEjH4mrzIyaRLNDBKFoEaJoJYmzalUGWxh3d3E7%2BPfutaMsCjsIhg67rI7HZWXs%2FSdBa9jSMoih03WyVgCXEeHuySKDuvPE3ZRUiygODKnMlpZMJvx7xkdAvNWmX%2F1aKwY91HCXkeOMxiOIbxrnHA3KORtgs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
W3 Total Cache/2.5.0

Redirect headers

CF-RAY
821ce4ca7b8e9034-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 06 Nov 2023 11:11:05 GMT
Expires
Mon, 06 Nov 2023 12:11:05 GMT
Location
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE2tJN3W9sr7%2Fg4cHalpleRfx9EmoSgf%2Fv83MbJv%2Fh5cfbBMC22XgrsR6%2FiaUtHX2vDfgzHTCTKcuIYMDdk4M8ppTh7I8UKYzmi63xmescka6PqcSikBzfikHz1svMVCrlGCkP%2FYuQCNUPmM%2FecD9IjObeKcVfs%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73131
x-xss-protection
0
server
sffe
etag
"8cd1ce497f4c5169"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:05 GMT
amp-list-0.1.js
cdn.ampproject.org/v0/
42 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-list-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0407e70a9ae582e473287d2780ae8d1ff8709943112bffa888ea8b540ce1835
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13000
x-xss-protection
0
server
sffe
etag
"469ab2307b5f69e1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:05 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/
45 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39dd759ff5c50fb31d083cdeae81b5285589827cb3c879ed9fe8feed7dd08f45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15372
x-xss-protection
0
server
sffe
etag
"3ed1b2df45f63101"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
amp-accordion-0.1.js
cdn.ampproject.org/v0/
17 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df1dbd788a45cdd037755b5119123c0faff5c55c3330c32f4788f8aa9eb05c11
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5821
x-xss-protection
0
server
sffe
etag
"d0683a0c4772aec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
amp-animation-0.1.js
cdn.ampproject.org/v0/
82 KB
19 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-animation-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d9f5ca4557a48b7b5d671eef2f2880658245985c1b7ea549a0096a2bf5db4ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18975
x-xss-protection
0
server
sffe
etag
"20d3dcda130db11e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
amp-position-observer-0.1.js
cdn.ampproject.org/v0/
10 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-position-observer-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a901bc3eb881768a22a736aa344715c8385a2d1315e5d0ab58e65384fccbf5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3686
x-xss-protection
0
server
sffe
etag
"82893c2d55f63d1e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/
50 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2976316c10150185f779ba14e4a6851b2724ac1cf43458fb8e92a1fd7b79ad06
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16357
x-xss-protection
0
server
sffe
etag
"42b73c8c1acfd180"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/
29 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5362b061983a3dec0baedadae28c6d9e9f66e20ef90ba320d685a8b235f265e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
sffe
etag
"3b61813235d76964"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f5c46e1d404df5a4c0813d11cbb826a9c17727aacff600308c27f2fd3c892a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4733
x-xss-protection
0
server
sffe
etag
"ed220d8c0d8aaf6b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
card-section-simple.min.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
315 KB
32 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
2c5a8d602972048c36a43bc7204ccf206c50eb380fc209bf00b98833c26e7c68
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:05 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
8eabbc4b-9a0f-4943-8bba-c4b89fbfa531
content-length
32842
last-modified
Tue, 22 Aug 2023 18:00:57 GMT
server
Cleversafe
etag
"9aed32cd145e102091b7f6e63988d362"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
8eabbc4b-9a0f-4943-8bba-c4b89fbfa531
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:08 GMT
card-section-simple.min.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
315 KB
32 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
fd46dedc29e158f84b8c2359267ca246daede6cfb39d3ece3ffb85da4c809bbf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:05 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
39f71a57-88ba-43d7-b031-2643453f6874
content-length
32844
last-modified
Tue, 17 Oct 2023 20:37:57 GMT
server
Cleversafe
etag
"708fa38b2ce264d62c2b75f5a33b395f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
39f71a57-88ba-43d7-b031-2643453f6874
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:08 GMT
card-section-simple.min.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
315 KB
32 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e8e8684b2782578f2eecf9fe26270f06d27ac30d81f06d30357b16349cfc1472
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:05 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d45d7c4f-833f-4c15-9671-9a0013b67117
content-length
32844
last-modified
Sat, 04 Nov 2023 23:59:29 GMT
server
Cleversafe
etag
"b22001197ac06d65faa4eab6995da5ed"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d45d7c4f-833f-4c15-9671-9a0013b67117
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:08 GMT
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/v0/
65 KB
19 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888b819dd4b26c639512b91ba565307ce311acb713071945293e3fafcab65ae5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19053
x-xss-protection
0
server
sffe
etag
"55a4f01d6f027dd5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
swiper-bundle.min.js
unpkg.com/swiper@11.0.3/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@11.0.3/swiper-bundle.min.js
145 KB
41 KB
Script
General
Full URL
https://unpkg.com/swiper@11.0.3/swiper-bundle.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdbb17d7117737eacfc3f1ae776596878488229b2e7fc16268e2437b22205935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:05 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
951075
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HDNT7XC7V55Z6X8J4V7EDB3H-fra
server
cloudflare
etag
W/"242bf-2N0GLOBvTJ/c5Uxc+t+Dm13nlPw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
821ce4cdcbd41915-FRA

Redirect headers

date
Mon, 06 Nov 2023 11:11:05 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HEJ574C8JEASZ5VWJGFXSRCN-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
43
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@11.0.3/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
821ce4cd3af61915-FRA
amp-video-0.1.js
cdn.ampproject.org/v0/
52 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-video-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5556018e3cc4cbd607b38c07e31e76f591c43f74e4dba26b7be123d55177c6ed
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15916
x-xss-protection
0
server
sffe
etag
"5a188ce2b2097248"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
amp-youtube-0.1.js
cdn.ampproject.org/v0/
36 KB
11 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ca8e25ea762a4009afda41ce81eeb22728dc99d653b204a48a879559a9b2935
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 11:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11223
x-xss-protection
0
server
sffe
etag
"441f6efa4498ae21"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Nov 2023 11:11:06 GMT
Cyber-Security-Ransomware-Email-Phishing-Encrypted-Technology-Digital-Information-Protected-Secured.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/
67 KB
67 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/Cyber-Security-Ransomware-Email-Phishing-Encrypted-Technology-Digital-Information-Protected-Secured.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
22f3f3fe2f2c78ebbb4eb6d0c475235cd022edea6103c2074bdf43c1dd724b79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
319
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
68104
pragma
public
referrer-policy
same-origin
last-modified
Tue, 24 Oct 2023 11:00:05 GMT
server
cloudflare
etag
"10a08-608743dc09253"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvNa3KYbjMCxi0m44EpEiqmVGb66vifArIGQ8lDtDjl8UK%2BpBOq%2BTHb5Q3j3ipAz4uiZviSrS7R2Ng9XWsGsfuo0P7mTYNO%2BjFgVAH0Hr0PyO9rWG0sAgBoFFuswyhZXJ2uXK1dFAo6DRqZcCjuZqCBSD07%2Byio%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4d33ae5371c-FRA
ida_stats.js
1.www.s81c.com/common/stats/
262 KB
75 KB
Script
General
Full URL
https://1.www.s81c.com/common/stats/ida_stats.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
047c7672706fb8ff659368066109ec3bc0e5d6d61c8dcb747e0f617a1dc3d5da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 27 Oct 2023 12:54:59 GMT
server
AkamaiNetStorage
content-md5
iuC31TN3RAotNfz40O6fMg==
etag
"8ae0b7d53377440a2d35fcf8d0ee9f32:1698411305.287806"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86063
accept-ranges
bytes
content-length
76087
expires
Tue, 07 Nov 2023 11:05:30 GMT
modules.css
securityintelligence.com/wp-content/themes/sapphire/minifications/
70 KB
10 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/minifications/modules.css?v=1697209864
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
f503579f524d5507bc7527819d785431844202756f2aba17ae35ac2306cfdbfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
9534
pragma
public
referrer-policy
same-origin
last-modified
Fri, 13 Oct 2023 15:11:04 GMT
server
cloudflare
etag
"11708-6079a770e3bc9-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oy4vUsbpzoZkEBXVqpEadS%2FuJzvXPY015bulptlriKrMP4OmOW57%2BB%2FYn9lNaVvJHip2y8708jOizZnrlZR0qr9oS7m80W0A47JciO4oTFbKjHcu5xzjrOOicE7luY%2BDl29vKziaV7azRqQ10ed8Vu2RR5D%2FQmw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4cc99d75d7b-FRA
style.min.css
securityintelligence.com/wp-includes/css/dist/block-library/
102 KB
14 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
13841
pragma
public
referrer-policy
same-origin
last-modified
Mon, 16 Oct 2023 17:29:25 GMT
server
cloudflare
etag
"19824-607d8bf5e5d60-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgE5FZTzmuGfn7voUI02n7nfckMFyFU99QG5qIZftLkINR7FSmOWXGzKOJXJOCnURNhQQYpOqB5ioaKp98fMB%2BM%2BIg2qTL5AEe6AGzSxMIk0qOBwd9hgJM7f5wgX%2FjThdNp3dC7mJXwzGk2jQgvesifE%2FVGwo3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4cc99da5d7b-FRA
style.css
securityintelligence.com/wp-content/plugins/taxonomy-images/css/
447 B
563 B
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/plugins/taxonomy-images/css/style.css?ver=0.9.6
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
217
pragma
public
referrer-policy
same-origin
last-modified
Wed, 26 Apr 2023 13:09:25 GMT
server
cloudflare
etag
"1bf-5fa3cf30426b4-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMlFCwaaZ%2BTY%2BSnYAMFPVx5MyRTbRx%2BaMASms3JeuvapfNQ3w%2Fu3riIxvpzxNVh8kCqGR3SsVGyr%2BrQ9Sku8EnrQW1oj9XKqybUzW71IfTABQKuIRCegzSG3iVZdQpjRkDgNZpWdwjttA78JNwgKp8ulbl1XKds%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4cc99dc5d7b-FRA
jquery.min.js
securityintelligence.com/wp-includes/js/jquery/
85 KB
30 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
30343
pragma
public
referrer-policy
same-origin
last-modified
Mon, 16 Oct 2023 17:29:25 GMT
server
cloudflare
etag
"155ba-607d8bf608fe2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TF0D5D%2B61VQUUvM%2FqqhpnkaXlyayXstPVMIX%2BXyl8ivA%2BrB%2BZk8MGEuQVRZdAl%2FrP0SmvbXafzV9ZLB7yoYU5DwgIh6tE36nZevwMEhCveSeBw173hDGx40Ul79eFK6GbtptWaCePFwf%2B9NlrIUcm584jhaSoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4cc99eb5d7b-FRA
jquery-migrate.min.js
securityintelligence.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
4872
pragma
public
referrer-policy
same-origin
last-modified
Mon, 16 Oct 2023 17:29:25 GMT
server
cloudflare
etag
"3509-607d8bf608042-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aomZLTg2DI%2Fw6IDbzoC8svgerCZtpkmOTbV0XYGJeyFaRWiB0tGNTn8v1XlPXTJODBKFfEIyjsgvA9yPHAD0ko2vlA1VblzW5DT%2BSPhu1yNZFz7%2FWEyDOBk92jGuFRYYIyjgIKrLm%2FtGq%2FzwLoPvWsh1moutLXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4cc99ec5d7b-FRA
analytics_c7caef17012f48e99285467c1b6d8423.js
analytics.newscred.com/
22 KB
8 KB
Script
General
Full URL
https://analytics.newscred.com/analytics_c7caef17012f48e99285467c1b6d8423.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-73.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14fe65bf833c23c6f76cc94e7ce59bc0a903b32fafa76a82e54e952a2cfea1d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 15:20:15 GMT
content-encoding
gzip
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:16:55 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
71453
x-amz-server-side-encryption
AES256
etag
W/"19cff81b6c26cb66e09f7f8a57053d3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
YPUNYsAC3wD3s1rRwPTMqx7HZX3zVB37EqxF5ZCQNTVn5UEt7EONEA==
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8eb93961e3d809ab83af2a4ab681e14891ce63b6bb6a9766108ca6c3b5337db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 11:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 11:06:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 11:11:05 GMT
css
fonts.googleapis.com/
8 KB
763 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9ea34f1917142e1e4593102fd61b0ee9625c67a9202b971d6c3d1eca19f8c5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 11:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 11:11:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 11:11:05 GMT
css2
fonts.googleapis.com/
2 KB
646 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Serif&display=swap
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f638c06469327f93e5bc86ced0856b2cb42f583334ebcf3ea346fb802a5446c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 11:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 11:06:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 11:11:05 GMT
swiper-bundle.min.css
unpkg.com/swiper@11.0.3/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.css
  • https://unpkg.com/swiper@11.0.3/swiper-bundle.min.css
18 KB
5 KB
Stylesheet
General
Full URL
https://unpkg.com/swiper@11.0.3/swiper-bundle.min.css
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72205c164566dd51031ec220319d306bd4606c71182d485e3c5f16a58b09b53d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:05 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
446853
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HE4V3JJRHTK2GS94WAB7AGMS-fra
server
cloudflare
etag
W/"4803-qkLCNAoJALnVbfpJ5+9Lfm8WpAM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
821ce4cdcbd31915-FRA

Redirect headers

date
Mon, 06 Nov 2023 11:11:05 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HEJ55KXAA65A7E6D5P3S844Y-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
93
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@11.0.3/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
821ce4cd3af21915-FRA
single.css
securityintelligence.com/wp-content/themes/sapphire/minifications/
67 KB
10 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1697812249
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
7538612bdb078a717b768980a36c62088aa4b97ef4a12db12981c5d9fe67ea95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
10338
pragma
public
referrer-policy
same-origin
last-modified
Fri, 20 Oct 2023 14:30:49 GMT
server
cloudflare
etag
"10c7e-60826b807cf90-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuGWjTz9asxhSBxeJPM9gugVU7SOaWMws6vQF0BelfVFEDXziggB0nvsNKkp70M1Gec5784i15perIuqMwZFh80HM9P7tRjpcwGU3TTlgQzO9ZgQ41AyBWYnZJKm69WzXwq7L444hn4PkapQkK2Vc6DGa4dgtL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4cc99dd5d7b-FRA
cta-section.min.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
92 KB
12 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
534a72d8cbdb7e793828deb405bead2f4c57e6e6c8e4bcb70c6c1d5508e09d02
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:05 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
eceb4dcf-6575-4b50-bfd5-bd829dde0ce4
content-length
12454
last-modified
Tue, 18 Apr 2023 01:06:25 GMT
server
Cleversafe
etag
"d08e76a0e2534a2d405ec768aa552d89"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
eceb4dcf-6575-4b50-bfd5-bd829dde0ce4
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:08 GMT
cta-section.min.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
92 KB
13 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
76fcb4bd326a5ebe219ba59bb435e3d8e9ca5111bff9c6575467ed988fae8c1a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:05 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
9215cca9-a480-4431-a5b6-ac2c41ef53bd
content-length
12487
last-modified
Tue, 17 Oct 2023 20:38:01 GMT
server
Cleversafe
etag
"2478d24a6db9c13d3b224688032f7b6c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
9215cca9-a480-4431-a5b6-ac2c41ef53bd
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:08 GMT
cta-section.min.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
92 KB
13 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
f8609823c25cc4e11a990283485276d5d71dc9077929644fbb6ab41842329432
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:05 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
b88f8a46-6326-4190-87d2-d07f44a7bbe0
content-length
12487
last-modified
Mon, 06 Nov 2023 00:58:09 GMT
server
Cleversafe
etag
"ad63ed5ac8f76c63c6f06970148d8224"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
b88f8a46-6326-4190-87d2-d07f44a7bbe0
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:08 GMT
qppr_frontend_script.min.js
securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/
2 KB
878 B
Script
General
Full URL
https://securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.2.4
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
541
pragma
public
referrer-policy
same-origin
last-modified
Wed, 26 Apr 2023 13:09:25 GMT
server
cloudflare
etag
"636-5fa3cf302b783-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIgwFckae2j4zD6gEF8GwrsmWSjgD6Ftr8sTBM5u9mQA1rXbMQo7bIeHPbql3UKIqA7IaVPNmtEF1aNVT6hwSti%2B3F54cSRA4u20RiVQ8DWAk2M0Yb%2B7%2FSLHV00KGCZ4mWIJgiSbmlkaMpmqWLeSO7cG6rK8HJI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4cc99ef5d7b-FRA
settings.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/settings.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7f2c690cc6175be879d93be0ebfc16fa2e31e09ba7a536fb73b1aa5d0e05f9ba
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
0cb9cb49-79b1-4e9e-94d9-c9b844bd6d81
content-length
1177
last-modified
Tue, 22 Aug 2023 18:01:10 GMT
server
Cleversafe
etag
"d3fbccd277dc823a986d3ed1e386b9c3"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
0cb9cb49-79b1-4e9e-94d9-c9b844bd6d81
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
stable-selector.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/stable-selector.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
fc9840876318b8c21fa8718b599a2942e6e23c9e302a37274a8b19be6a439864
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
5ba32936-7547-4d6f-839f-a40c332ad943
content-length
1733
last-modified
Tue, 22 Aug 2023 18:01:10 GMT
server
Cleversafe
etag
"652a317ff70442e59bbdefdfa7540f59"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
5ba32936-7547-4d6f-839f-a40c332ad943
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
carbon-element.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
32 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/carbon-element.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
580410bce2b2067d7f22d95475dad5abf008a95ddb3561a2eef756c431e1f35f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
977d826c-5aa4-4947-ba39-7f1ec6b81f01
content-length
8364
last-modified
Tue, 22 Aug 2023 18:00:56 GMT
server
Cleversafe
etag
"3bf6e8923d8bc96696e178561bda892a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
977d826c-5aa4-4947-ba39-7f1ec6b81f01
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
content-section.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/content-section.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
44a14fefb8c37af73e740e0cd2c36051bf2136f4bf9e834e7237c6be19d66c68
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d41b7267-1411-4910-93a9-9cdb198956f3
content-length
3937
last-modified
Tue, 22 Aug 2023 18:00:59 GMT
server
Cleversafe
etag
"42086f88f346fe90e7038f9e96fc140b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d41b7267-1411-4910-93a9-9cdb198956f3
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
17 KB
6 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
bbc2a908d267ae71b9d9d50ea105b17c52835c0155ba62a40b4be067f4e71e85
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d8b51c73-ba80-4d2c-af6a-bec678c5a69e
content-length
5417
last-modified
Tue, 22 Aug 2023 18:00:57 GMT
server
Cleversafe
etag
"ed902068ff980b9cb38551ce5bfad4ef"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d8b51c73-ba80-4d2c-af6a-bec678c5a69e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-eyebrow.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-eyebrow.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
cb107bfd360d379e6de729ca91b805f47a6e0affe7f814743f998d70264a671e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f8a15cc7-1eed-4a2a-8f48-13f9087d5246
content-length
3613
last-modified
Tue, 22 Aug 2023 18:00:56 GMT
server
Cleversafe
etag
"bf47b7a419b399e3b3a5b2f160fb73c0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f8a15cc7-1eed-4a2a-8f48-13f9087d5246
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-footer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
14 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-footer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c813bcb8b6f45b885a02fa0d03cc9b499ccda7623a3b7392c84c14f18e75c3af
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a0ba145f-a634-4438-9f0a-26da5e69e859
content-length
4450
last-modified
Tue, 22 Aug 2023 18:00:56 GMT
server
Cleversafe
etag
"e6263c767f10af5d283d6325cb4b89be"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a0ba145f-a634-4438-9f0a-26da5e69e859
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
77f5d507b3bd2c7ed625d8291b3f9a91e4ee29839781d09c67cfbe1f0f4dec49
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
8fb4f8ce-3db3-4706-a6d8-bef47316faf8
content-length
3863
last-modified
Tue, 22 Aug 2023 18:00:56 GMT
server
Cleversafe
etag
"4521abc06cfda5b505570e93dc4a63e9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
8fb4f8ce-3db3-4706-a6d8-bef47316faf8
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
image-logo.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/image-logo.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
9bb19f369be6814be10d4cf49d4755e5925e49b872341aa8fb4ea1f4ac4b90fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
85c4f5fb-57b9-4eeb-9c1c-f9ddbe52321f
content-length
3710
last-modified
Tue, 22 Aug 2023 18:01:01 GMT
server
Cleversafe
etag
"381ffc596c8b23b0760db451f77efa4d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
85c4f5fb-57b9-4eeb-9c1c-f9ddbe52321f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
tag-group.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
45 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/tag-group.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
44593cf623a1ee35822978355705c9af11033841970d543c19ee548fef0f750f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
08128d19-d147-494e-a486-1cee33488708
content-length
8068
last-modified
Tue, 22 Aug 2023 18:01:11 GMT
server
Cleversafe
etag
"b37eff0803eae8cf4741444cdf0de8f0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
08128d19-d147-494e-a486-1cee33488708
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
tag-link.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
44 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/tag-link.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
bffde2dc0f1de1372fcc64e33a129386adc36be643ed00ffeb188c06521ca2ea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
439e7da9-ebdc-4aeb-ab6b-9a2aff4882b3
content-length
7936
last-modified
Tue, 22 Aug 2023 18:01:11 GMT
server
Cleversafe
etag
"e80ea1709e8ea511a2dd006136041981"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
439e7da9-ebdc-4aeb-ab6b-9a2aff4882b3
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-cta-footer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-cta-footer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d8c05592597de267189f0f5b92e1cff66ff3131e9d51f56adb2d33663ed76e25
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d205a62d-3b34-401d-a2b0-6e152e7d9951
content-length
4148
last-modified
Tue, 22 Aug 2023 18:00:56 GMT
server
Cleversafe
etag
"45276c517200d818fec39674419710f7"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d205a62d-3b34-401d-a2b0-6e152e7d9951
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-group-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
329 KB
33 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-group-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
bfad53aa5488b166229cc8470e7755b2ca60e6e4fa9e00de64bdbac5b564bb34
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
274fa1ac-0fc2-49d2-b757-31dc68cfa45f
content-length
33313
last-modified
Tue, 22 Aug 2023 18:00:56 GMT
server
Cleversafe
etag
"ed9a5fbf275ab860d6f3ac7a523af877"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
274fa1ac-0fc2-49d2-b757-31dc68cfa45f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
content-section-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/content-section-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c6c4aa2602e3356046f5d00ce1d6b56190e8e985618b8dc2d01e72d58ccb6492
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f77d0964-eced-4575-bbb8-f937eb90119b
content-length
3853
last-modified
Tue, 22 Aug 2023 18:00:59 GMT
server
Cleversafe
etag
"e8a132a3e89b0396328110c73fb3a35c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f77d0964-eced-4575-bbb8-f937eb90119b
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
content-section2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
81 KB
9 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/content-section2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
ecdbd8d21ada7e09e601733e47c6451cc913b439cbea82ad83b93a96d9fa8cf8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
387af52b-0f70-4e27-a88b-f7294f0bd639
content-length
8977
last-modified
Tue, 22 Aug 2023 18:00:59 GMT
server
Cleversafe
etag
"fe429aa51eb3afde8a3743168509d595"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
387af52b-0f70-4e27-a88b-f7294f0bd639
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
link.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/link.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7badf3f8d9de634e94a26ad4e6480afb424ace7b21992ecc724960c026347fe0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
54838196-6325-4893-ad84-14d8f238e917
content-length
3681
last-modified
Tue, 22 Aug 2023 18:01:03 GMT
server
Cleversafe
etag
"f2cee4bc4a706f2358c14c47aa229807"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
54838196-6325-4893-ad84-14d8f238e917
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
decorate.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
10 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/decorate.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
555a116644043f85e66b58349cc49079be7192f717b8238c0ead571451c492d5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
002d701a-6dbb-495c-8207-f31d248265b6
content-length
3294
last-modified
Tue, 22 Aug 2023 18:00:59 GMT
server
Cleversafe
etag
"a74fea8aca62aa0330d1a115937af081"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
002d701a-6dbb-495c-8207-f31d248265b6
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
toPropertyKey.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/toPropertyKey.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
8f5846dedbc1a167297f4ea6714f75ba35da3d4049c707e3105568329b170a3a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a08d0b1f-4d0d-4430-a2ec-957e19603d25
content-length
1243
last-modified
Tue, 22 Aug 2023 18:01:11 GMT
server
Cleversafe
etag
"083cf563bae617538d77819eee07b00b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a08d0b1f-4d0d-4430-a2ec-957e19603d25
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
class-map.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/class-map.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
879c800760e3d4c1180ae0a041efbeecc1420edfb13513d373e2d6c8327f5f69
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
16a5665d-53f0-410f-abdb-0866c396a078
content-length
1477
last-modified
Tue, 22 Aug 2023 18:00:57 GMT
server
Cleversafe
etag
"2ca0cbd9ea8f310d7e96e2cfb9846b05"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
16a5665d-53f0-410f-abdb-0866c396a078
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
if-non-null.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/if-non-null.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
4cdd2c5e80b344731d46a78ab0effb8b8802340c5222131514d4d4bc1787bb9b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
7336a893-2a95-48b7-b747-83bd30e4d85d
content-length
1041
last-modified
Tue, 22 Aug 2023 18:01:01 GMT
server
Cleversafe
etag
"489e6ac014746a8e5b4b571131e5a3e3"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
7336a893-2a95-48b7-b747-83bd30e4d85d
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
if-defined.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/if-defined.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d7082511522c4df5d87ddcabb64e2696b0b316cd7b208d2e8110089a3dc5f705
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d9b21211-d038-49a8-a8f5-144c4b8aa7c0
content-length
1149
last-modified
Tue, 22 Aug 2023 18:01:01 GMT
server
Cleversafe
etag
"de8aa82bf0c10fc28e6b3aa62f32e6bd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d9b21211-d038-49a8-a8f5-144c4b8aa7c0
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
focus.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/focus.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
9e5c6ffc03c35b00ba073da7047038391eae135cd65088c7667519aa25af72af
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
56925bb9-5cad-4485-b61b-0aea46564369
content-length
1110
last-modified
Tue, 22 Aug 2023 18:01:00 GMT
server
Cleversafe
etag
"8eccc3dd74ee337db5427232657cac66"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
56925bb9-5cad-4485-b61b-0aea46564369
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
settings3.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/settings3.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
b64a42cb2d4bb0497aa1bd9f04cbe3aaafdf5e40b62bec89004b1726f0f10b56
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
e75be310-4a7e-4d97-acf3-34264700cecf
content-length
1469
last-modified
Tue, 22 Aug 2023 18:01:10 GMT
server
Cleversafe
etag
"31aa753a5e7774e00cdaac6af4f8872c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
e75be310-4a7e-4d97-acf3-34264700cecf
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
marked.umd.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
73 KB
25 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/marked.umd.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7c4bfbdad82735e58dd96f775aa45d11c965d9967e638e048318fc56df7dd5b0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
0cc16f84-c374-40e3-87fa-6f9c0db1e6b2
content-length
25666
last-modified
Tue, 22 Aug 2023 18:01:03 GMT
server
Cleversafe
etag
"50c1b3769ed0100d916253dd6cb050c9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
0cc16f84-c374-40e3-87fa-6f9c0db1e6b2
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
_commonjsHelpers.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/_commonjsHelpers.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
aa8fb84a43802c369be5cc8ffb33bb3f7099cd6c29d8c998bc49bf12f6f25241
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
102a6167-4d45-418b-bd74-6546f419eaee
content-length
1106
last-modified
Tue, 22 Aug 2023 18:00:53 GMT
server
Cleversafe
etag
"a8ca399241b9972d228f869d39aed40e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
102a6167-4d45-418b-bd74-6546f419eaee
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
striptags.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/striptags.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
3a530c73051135e4e846ff802b0ac00681e252200643093bcb1f095a0409cba0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
da4efa94-8bbb-4869-8208-356eb1f6f068
content-length
1749
last-modified
Tue, 22 Aug 2023 18:01:10 GMT
server
Cleversafe
etag
"da18d94f1b083848510d7227b8164a8c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
da4efa94-8bbb-4869-8208-356eb1f6f068
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
defs.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/defs.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
22eecbdf47f752eb7cec9586b3fec89b38704ed2eaab7cdb58a490552c61a437
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f7f0bcb4-50ab-457b-aaa0-7ade91147f1c
content-length
1078
last-modified
Tue, 22 Aug 2023 18:00:59 GMT
server
Cleversafe
etag
"aa407b9180f3b116c8477a438fdc7449"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f7f0bcb4-50ab-457b-aaa0-7ade91147f1c
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
204 KB
20 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
842f46a7d8ca0abc47026e28a709cb6cea557e64daad9eb91a8bff507945c92b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
5f4a17ff-e1a3-438e-a5ad-3ddb87d57a91
content-length
20644
last-modified
Tue, 22 Aug 2023 18:00:57 GMT
server
Cleversafe
etag
"77c8838df2cc637bf8e809268621ec63"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
5f4a17ff-e1a3-438e-a5ad-3ddb87d57a91
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
link-with-icon.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
136 KB
17 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/link-with-icon.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1168470362c9e25221d6b6657b18253250baf449c2b6c1f1fe9db13beb2f8c7f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
e9f4d6f0-e2a3-4665-8144-8625cafb0cf3
content-length
16672
last-modified
Tue, 22 Aug 2023 18:01:03 GMT
server
Cleversafe
etag
"5b4b223a59350cf957d9164982a3c4e7"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
e9f4d6f0-e2a3-4665-8144-8625cafb0cf3
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
image.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
132 KB
17 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/image.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
3d4168763cc7c89e4251a5b813bc96b2a2a1cfc6b78bd01e93eb0562a2bff69b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
17c49a5f-4720-4a9c-8b97-d77a3f7b0516
content-length
17471
last-modified
Tue, 22 Aug 2023 18:01:01 GMT
server
Cleversafe
etag
"4349163a9fff17a2463f61c4fb201813"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
17c49a5f-4720-4a9c-8b97-d77a3f7b0516
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
host-listener.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/host-listener.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
75526a1f79a580e2b1452091b385354c2ef225f0d230af14f21e194f13d47c6e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
8eaa99de-cfdd-4f30-bbd6-09a9239ee057
content-length
2025
last-modified
Tue, 22 Aug 2023 18:01:00 GMT
server
Cleversafe
etag
"b14022000500342a8e1f7234af9d6a9c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
8eaa99de-cfdd-4f30-bbd6-09a9239ee057
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
expressive-modal-close-button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
136 KB
18 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/expressive-modal-close-button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
4c5eb6a7a557ccd9622cff8e53c9b95f543c97b5411a22b726fc56f078055af9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
52476b41-82c3-4c70-a547-fc813c39dab4
content-length
17618
last-modified
Tue, 22 Aug 2023 18:00:59 GMT
server
Cleversafe
etag
"1b08c746bf646828928aa573917f66c7"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
52476b41-82c3-4c70-a547-fc813c39dab4
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
modal-close-button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
80 KB
9 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/modal-close-button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
fee248102959ee652ab2c28d934bbce89200a51a5cdc9968ce90f977f6dc1dac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
54dbf702-4b24-42af-b402-318eb1cb9533
content-length
9144
last-modified
Tue, 22 Aug 2023 18:01:04 GMT
server
Cleversafe
etag
"1606e24cbc7edbbe34729f535f704119"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
54dbf702-4b24-42af-b402-318eb1cb9533
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
202.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/202.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
24f0af9588d389ba730e1125fd766c1ccaf512d29d325d8cac2813d1e02ecebc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
6a4ba853-eff3-4e38-abd5-4c81ea32ccbe
content-length
1253
last-modified
Tue, 22 Aug 2023 18:00:55 GMT
server
Cleversafe
etag
"b3b17c62619e4601a8e4d8adebd7991a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
6a4ba853-eff3-4e38-abd5-4c81ea32ccbe
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
spread.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/spread.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d913a95a44c9d6edff5f1b0c6ac6c004cd6ed5fa4e9659f6109ad2377df8db03
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
b0daf5b7-f502-44ce-9895-758aa178fd17
content-length
1269
last-modified
Tue, 22 Aug 2023 18:01:10 GMT
server
Cleversafe
etag
"555758947ac6d7b1171aedf648112fd2"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
b0daf5b7-f502-44ce-9895-758aa178fd17
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
lightbox-image-viewer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
134 KB
16 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/lightbox-image-viewer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
108e3ea336fad8c51dca90cfd82f2dde7603282b773a9fa7b10a68fc5b3a3a30
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
ea3833f5-4b4c-4f23-b7d2-2ca4477d4ae2
content-length
16415
last-modified
Tue, 22 Aug 2023 18:01:02 GMT
server
Cleversafe
etag
"57baf537e1bb4f76559c548e47003101"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
ea3833f5-4b4c-4f23-b7d2-2ca4477d4ae2
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
81 KB
11 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
9c8f633e0bb1e0b5e8b24936fb875ff21e28f5db929bef360731ad0adafd1653
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a5cdc366-e5e8-47c9-b536-e4b1f3101af7
content-length
11105
last-modified
Tue, 22 Aug 2023 18:00:55 GMT
server
Cleversafe
etag
"d400d3d44ff2972ad55ee32683e4fe97"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a5cdc366-e5e8-47c9-b536-e4b1f3101af7
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
modal-render.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/modal-render.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c8d124da4c83eab62cb6300dab7e1c6365430c42338d3c529760a9c15dcd46f4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
c67c0ae6-7b3e-491b-9a65-c67bf63d622c
content-length
1656
last-modified
Tue, 22 Aug 2023 18:01:04 GMT
server
Cleversafe
etag
"70c685d52b5bd085efc6841126a55e8d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
c67c0ae6-7b3e-491b-9a65-c67bf63d622c
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
settings2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/settings2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c9717bdf1a395d9b36792d842da11dc0f736587439691c013c651ce5acafb3c3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
27ac8efe-da15-49c4-88f1-d14ed495d0fc
content-length
1026
last-modified
Tue, 22 Aug 2023 18:01:10 GMT
server
Cleversafe
etag
"8ba56e6878e6c536a2eb82f449a89827"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
27ac8efe-da15-49c4-88f1-d14ed495d0fc
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
formatVideoCaption.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/formatVideoCaption.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
4b23563b01f795fd12489dd66e36f70b33556c517c4a47de7714dfeaed3b14cd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
9f0c0b47-9776-4b28-8237-820c4deca8d4
content-length
1194
last-modified
Tue, 22 Aug 2023 18:01:00 GMT
server
Cleversafe
etag
"b0a1cd122ab76fda7b8ecea93f986f5a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
9f0c0b47-9776-4b28-8237-820c4deca8d4
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
video.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/video.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d17cb7e33b4982aa013bff4d3b9aca59b461d6bcb75c9d91a12288107c30ebe9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
381961e2-7dc9-46ae-a2c9-852bf071f5b5
content-length
3607
last-modified
Tue, 22 Aug 2023 18:01:11 GMT
server
Cleversafe
etag
"2ec7088eada2e0c2184c4ec2a7d259cb"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
381961e2-7dc9-46ae-a2c9-852bf071f5b5
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
203.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/203.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
aec2a44eeea6df3fe0ddd88e4f2dd5b227ef678b89ce754251060fc5160f9ac9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
883da586-e5ec-4c54-8386-4de40916accf
content-length
1241
last-modified
Tue, 22 Aug 2023 18:00:55 GMT
server
Cleversafe
etag
"be0852761d88408f2bdf8d5c98ab94aa"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
883da586-e5ec-4c54-8386-4de40916accf
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
defs2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/defs2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
3dad2475c26b0269ff5725c68d74308f0f07271473f3a8828516b21d218e9d00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
07c48668-3a06-4fe5-a1ce-3238ec30fdf0
content-length
1237
last-modified
Tue, 22 Aug 2023 18:00:59 GMT
server
Cleversafe
etag
"2ca4d6cb39daf59d6c08f0449cb15464"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
07c48668-3a06-4fe5-a1ce-3238ec30fdf0
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
KalturaPlayer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
8 KB
3 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/KalturaPlayer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
b427f52a719026de868165a02f2bac2e8292e2b7a749e1f11fe14a71c0aed79d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
53aba630-2b5e-4f02-91d4-5cde348aa0f6
content-length
3201
last-modified
Tue, 22 Aug 2023 18:00:53 GMT
server
Cleversafe
etag
"c99b9d40123dc5b5ef1e0f8a05d7928e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
53aba630-2b5e-4f02-91d4-5cde348aa0f6
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
index2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/index2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
efbaa31a58e8a666e4a16f95608bf41d683be39bb09d7e75c80d8ce0ce59b235
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f6217ef4-0e4a-4ff5-8f5f-08b309426aef
content-length
4062
last-modified
Tue, 22 Aug 2023 18:01:01 GMT
server
Cleversafe
etag
"f825824054599d3d2ea2dd51b30a1dec"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f6217ef4-0e4a-4ff5-8f5f-08b309426aef
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
Analytics.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
6 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/Analytics.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
ea19d09e274ea490bbc49dd96de986b6826b466e9a4024c6e6e066652f151093
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
4c45986c-ccba-4cd4-9f57-d3951fd65afb
content-length
1987
last-modified
Tue, 22 Aug 2023 18:00:52 GMT
server
Cleversafe
etag
"22e00a964cb9ed586942458b9659725a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
4c45986c-ccba-4cd4-9f57-d3951fd65afb
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
index.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/index.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
b0fabb6cdca970485d787ab3aa2ad69ec7be6a7e1da3d1e702431ad88f513331
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
77429b22-dc0d-4ec6-ae94-941a2540c013
content-length
1057
last-modified
Tue, 22 Aug 2023 18:01:01 GMT
server
Cleversafe
etag
"83705cfc0ed8a484d677ba6384f7240b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
77429b22-dc0d-4ec6-ae94-941a2540c013
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
232 KB
23 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
819f5f74ac359bce633d6b4f3c10981663492d901065198ca0d2df185a4a855b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
fd367437-4db9-46ef-b759-f88520d1284f
content-length
23505
last-modified
Tue, 22 Aug 2023 18:00:59 GMT
server
Cleversafe
etag
"cb62d7e72913879e7242d049c85d885d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
fd367437-4db9-46ef-b759-f88520d1284f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
index4.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/index4.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
520ce26b6197072574754f35e9234cdedc2ec12924558a291d6140fb39e0a8d3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
5bcdac5c-711e-471e-81b8-a9ed6fce0b05
content-length
1114
last-modified
Tue, 22 Aug 2023 18:01:01 GMT
server
Cleversafe
etag
"5d7f7ec4d0ec74505102c06e5e053a62"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
5bcdac5c-711e-471e-81b8-a9ed6fce0b05
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
sameHeight.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/sameHeight.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
f09070396827145f8cb2728f9825de55826781572964ba3394a62c8234cdb06c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
1be28829-1d09-464e-be7c-5896ed081895
content-length
1192
last-modified
Tue, 22 Aug 2023 18:01:10 GMT
server
Cleversafe
etag
"4c7a033123b62ba6c9eae049bae2b0f4"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
1be28829-1d09-464e-be7c-5896ed081895
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
23 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c8d0dcf01dafd2c20f57fa2400fb0e95051ff11be6d9e75dcf154b9bf1e4da50
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
29d58965-2b7d-44e4-b356-f09b6a378f47
content-length
5049
last-modified
Tue, 22 Aug 2023 18:00:56 GMT
server
Cleversafe
etag
"b1d1ebce361fe116d1008d4d415b6136"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
29d58965-2b7d-44e4-b356-f09b6a378f47
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
play-video.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
12 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/play-video.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
801557f34e0712e2d4d8957a174f30cfc1b06f4a963e41ee46aa123c495ffabe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
c095645e-2f3c-4e7a-a9a1-b1f47875e013
content-length
4530
last-modified
Tue, 22 Aug 2023 18:01:04 GMT
server
Cleversafe
etag
"444c4e58493f0c91411d644afc692e3f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
c095645e-2f3c-4e7a-a9a1-b1f47875e013
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
spread2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/spread2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d913a95a44c9d6edff5f1b0c6ac6c004cd6ed5fa4e9659f6109ad2377df8db03
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3b3f90bf-9ddd-4800-b06a-9dcd1d194fcf
content-length
1269
last-modified
Tue, 22 Aug 2023 18:01:10 GMT
server
Cleversafe
etag
"555758947ac6d7b1171aedf648112fd2"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3b3f90bf-9ddd-4800-b06a-9dcd1d194fcf
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
settings.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/settings.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
075c2e54b7c5a6fac205ff9ffcb19000475f58792e16649b159b99a0f5fc2121
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a441e190-1f17-44dc-8799-683e6b97d431
content-length
1176
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"be41c2adf88e59d6ecb6066a35167183"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a441e190-1f17-44dc-8799-683e6b97d431
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
stable-selector.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/stable-selector.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
3278027216d38249989e1cf39be055d632e774f68118d18a5282b8cfdee08b6e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
773d9568-c94c-4ce4-9b1c-15aab52d35c6
content-length
1732
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"5eba06c8541af38ad0cbd016fcd2ea8a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
773d9568-c94c-4ce4-9b1c-15aab52d35c6
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
carbon-element.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
32 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/carbon-element.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
546f45981d2584126d3157e7035c54b05115f3fe5b21b79faf6d00a6d9508b50
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
aabd4741-f103-41cf-a55f-61e8a06be97e
content-length
8364
last-modified
Tue, 17 Oct 2023 20:37:56 GMT
server
Cleversafe
etag
"221e07de8bce0ac6649b2749189fd7c1"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
aabd4741-f103-41cf-a55f-61e8a06be97e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
content-section.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-section.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
4daf37c4400eb748090f8ef717a92b6c2ada74d4a27206996c1c001dc2360d72
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3966bd23-f90b-4bd4-b226-c32012cf166f
content-length
3937
last-modified
Tue, 17 Oct 2023 20:38:00 GMT
server
Cleversafe
etag
"fed4f08a205c658736e5e182edb55256"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3966bd23-f90b-4bd4-b226-c32012cf166f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
17 KB
6 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d2737b45406ac420fd0d05e0405a842a92dc64102ae9539385c4f5fd19df09d2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3b4c83ae-54cb-4149-8892-7d9c1b28034a
content-length
5416
last-modified
Tue, 17 Oct 2023 20:37:57 GMT
server
Cleversafe
etag
"8ad64637db9932b76cfc9b9a90735815"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3b4c83ae-54cb-4149-8892-7d9c1b28034a
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-eyebrow.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-eyebrow.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
a3d562dd7f27076647d2ee17526d676491ef9fe959edd2179d5538265d8e72cf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a02d2d7a-d584-43b5-aa6a-99325c57fa07
content-length
3613
last-modified
Tue, 17 Oct 2023 20:37:56 GMT
server
Cleversafe
etag
"3503f24a0a4726f7b25588d48e95f06a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a02d2d7a-d584-43b5-aa6a-99325c57fa07
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-footer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
14 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-footer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
f0703ff34ae27d0b01225a8a3cae58e280ec356786151d77536888bca8afafe4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
88bb7f46-02ab-48b0-9edd-f5754de1f449
content-length
4450
last-modified
Tue, 17 Oct 2023 20:37:56 GMT
server
Cleversafe
etag
"7f00d57de3491800131b5f6d9711391d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
88bb7f46-02ab-48b0-9edd-f5754de1f449
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
3bdb4d576d4ad410916849e7c7d6e94f2bf3647e0fba1885b47a3b09fb262f1c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2e938f92-affb-4146-9eb7-29d406152970
content-length
3863
last-modified
Tue, 17 Oct 2023 20:37:57 GMT
server
Cleversafe
etag
"e14e7dbcedb35cebeb3ee4243d80661d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2e938f92-affb-4146-9eb7-29d406152970
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
image-logo.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/image-logo.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
b054619e4845729c52a31708e871e23b327a53c26d7cc52309a30d1b858fe44e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a5e50ae4-e2b3-4593-ab18-bcb3d27ed991
content-length
3710
last-modified
Tue, 17 Oct 2023 20:38:03 GMT
server
Cleversafe
etag
"c77075d7cbf915b9b4dfd68decea2c6c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a5e50ae4-e2b3-4593-ab18-bcb3d27ed991
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
tag-group.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
45 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/tag-group.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d65b089121a7205b05eb696462e9b58048326f236f4e010c6415673f2ac42db3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
0b68c29e-2b18-4d76-b0db-6d57548f8f77
content-length
8067
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"3403f29e6e0ea4a7ef2249c69618007c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
0b68c29e-2b18-4d76-b0db-6d57548f8f77
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
tag-link.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
44 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/tag-link.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c61cb46c0622deb811081ad6416cd92036f89e68e1dce91e471d92e00b0faf08
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
af9251f8-f783-4c15-aecb-53c26a75e656
content-length
7935
last-modified
Tue, 17 Oct 2023 20:38:19 GMT
server
Cleversafe
etag
"1bbd96ba9ef20cd3af762799fc02ba77"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
af9251f8-f783-4c15-aecb-53c26a75e656
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-cta-footer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-cta-footer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e8e8a692a3d205212b325961053e9fab1e3faadc837ff38fe709efc6a62261e4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
dfdcb370-b644-4fd7-a0db-9fbeb2cc8932
content-length
4147
last-modified
Tue, 17 Oct 2023 20:37:56 GMT
server
Cleversafe
etag
"e35dc2d52ce44279161581d5f553a816"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
dfdcb370-b644-4fd7-a0db-9fbeb2cc8932
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-group-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
329 KB
33 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-group-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
2fff36e6a269af9be134992c620929c6c7788d582b8f4be51e4fc97df3c91db1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d2b19539-837e-4141-9d3e-cb32b471db76
content-length
33313
last-modified
Tue, 17 Oct 2023 20:37:56 GMT
server
Cleversafe
etag
"60a3f25ac891afcbbe907987d6dcbcbc"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d2b19539-837e-4141-9d3e-cb32b471db76
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
content-section-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-section-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
b11dee66c99d6b6e3444a2f66694d0f7de9a7c8d728d68690feb7b3a4d9f924d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2e543f6c-61ff-4d7a-8d59-f54ddd95e524
content-length
3853
last-modified
Tue, 17 Oct 2023 20:38:00 GMT
server
Cleversafe
etag
"7058454e4eae3a6c152acf2b8bdb4f0b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2e543f6c-61ff-4d7a-8d59-f54ddd95e524
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
content-section2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
81 KB
9 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-section2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
be3244f18ec46e3495666e8f7a9163ffac8bc1b41ec08255609fa7ed27adc30c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
599bdccf-7eae-4680-89e9-fa87aa38da37
content-length
8977
last-modified
Tue, 17 Oct 2023 20:38:00 GMT
server
Cleversafe
etag
"f1a3e37754db5ea2b42b3b66ebd9ebfd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
599bdccf-7eae-4680-89e9-fa87aa38da37
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
link.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/link.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
ed6e91de3135860c57b28a6ecd16522733e91d09551e26ae34ad30c0ed4f9151
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
0f7c64c5-003d-4505-85c7-2d3d20a3dbb0
content-length
3681
last-modified
Tue, 17 Oct 2023 20:38:06 GMT
server
Cleversafe
etag
"6870ccd2428d228d9f38f7cab7b0f71b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
0f7c64c5-003d-4505-85c7-2d3d20a3dbb0
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
decorate.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
10 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/decorate.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
9edc28759e1866c29cc73e8b388ac0b1b044e93cca651a8da39102e263b525a0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
ec6a0bd1-bda6-4e44-a57d-fc6a2e606b0a
content-length
3294
last-modified
Tue, 17 Oct 2023 20:38:01 GMT
server
Cleversafe
etag
"d1680ca225bf52cd3d4c00020f9f2752"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
ec6a0bd1-bda6-4e44-a57d-fc6a2e606b0a
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
toPropertyKey.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/toPropertyKey.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
bbc367f73bc831632abae23bd931a4b50ebabe6bb1a36a89e48c9e5ec3dfea8e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2359ab0d-150f-451e-a9c4-bcdcc084ca04
content-length
1242
last-modified
Tue, 17 Oct 2023 20:38:19 GMT
server
Cleversafe
etag
"7c88b4f8a2f4def1d8a6b9a40faace8b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2359ab0d-150f-451e-a9c4-bcdcc084ca04
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
class-map.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/class-map.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
8f19c6d6e152827203ecdde3583ef11e2f28ff0b8903beca54647f255949deaf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
180996be-b433-4529-aa86-6da627194fa8
content-length
1477
last-modified
Tue, 17 Oct 2023 20:37:58 GMT
server
Cleversafe
etag
"a7c84b7008f080615dd200aacba1e1ee"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
180996be-b433-4529-aa86-6da627194fa8
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
if-non-null.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/if-non-null.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
bd14d0b978a5aaa57bf28684442136fe2afdb7e4768a81a5365d75250b032321
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d5a6b724-5d69-4fb3-a576-3663560c22f0
content-length
1041
last-modified
Tue, 17 Oct 2023 20:38:03 GMT
server
Cleversafe
etag
"db036fee260ecc20ffe2bdabb84c6979"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d5a6b724-5d69-4fb3-a576-3663560c22f0
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
if-defined.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/if-defined.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1590392832c5c7e5fcfa0e76a406b9f40aa3384fa6d1a392c06cfff47633a920
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
e2b8e23a-ff25-457c-a18c-c272a5a1d160
content-length
1148
last-modified
Tue, 17 Oct 2023 20:38:03 GMT
server
Cleversafe
etag
"de9bb21ffec8151769033f0447c75ad6"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
e2b8e23a-ff25-457c-a18c-c272a5a1d160
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
focus.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/focus.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e7cbc8627c6e593075352516c356c6789b7ae8d73a3f8f67d468529bbc94c4cb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
46345595-a74d-4838-adc4-0651b3b462b8
content-length
1109
last-modified
Tue, 17 Oct 2023 20:38:02 GMT
server
Cleversafe
etag
"0c42d9baaa811fa1800e78b0a8e6c86f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
46345595-a74d-4838-adc4-0651b3b462b8
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
settings3.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/settings3.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
70e86f96c689b4d31fd726460660ff73fd3a4643ede63ad358ce9cbebbc3de05
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
cd70892c-b9ea-4806-88ac-e15d0ff9294c
content-length
1468
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"2cff5a2fff232bd480476463ef4eabe1"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
cd70892c-b9ea-4806-88ac-e15d0ff9294c
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
marked.umd.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
73 KB
25 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/marked.umd.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
5f300ce5623ab42dd2e013b707265acb5fc74b76592b04a22bc21c512c36a564
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
5c86222b-a7bc-431c-af09-0ee849688aac
content-length
25666
last-modified
Tue, 17 Oct 2023 20:38:07 GMT
server
Cleversafe
etag
"6fc2834aafb6c38fb38a0ac57f1200ff"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
5c86222b-a7bc-431c-af09-0ee849688aac
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
_commonjsHelpers.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/_commonjsHelpers.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e8247375044496d06ad9447a156f1bbc1e2a50e2895041ae5552d5554d3d5d4a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
9294561f-b1f1-42b5-9d3a-8a58ddbee697
content-length
1106
last-modified
Tue, 17 Oct 2023 20:37:55 GMT
server
Cleversafe
etag
"e6a3b5009a4d6938b6d83889e55fedf3"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
9294561f-b1f1-42b5-9d3a-8a58ddbee697
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
striptags.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/striptags.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
6c725974f1982b5ec1aeff0f5546683467d3a6808c686f77448bb56a438d1498
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
b3ef6b62-7621-4cf2-b360-9eac6bfbe1a8
content-length
1748
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"353ad170bca7e131804bd8a2f9346aee"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
b3ef6b62-7621-4cf2-b360-9eac6bfbe1a8
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
defs.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/defs.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
10c32fc3bd960b57290d4469a55b9c3a970f58f72f3b37455d44b1f4885878ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a0beb4d6-4b3c-4315-a581-b030d3ffd45e
content-length
1078
last-modified
Tue, 17 Oct 2023 20:38:01 GMT
server
Cleversafe
etag
"b525f7ce9c789c23e4990ea12812fe39"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a0beb4d6-4b3c-4315-a581-b030d3ffd45e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
204 KB
20 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
05382ca2c2ab1254bdae63c9fd696e83b884f86bb55618949ecb0dea59a5df06
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
45281bff-5338-40b0-946c-c1212518b8f1
content-length
20644
last-modified
Tue, 17 Oct 2023 20:37:57 GMT
server
Cleversafe
etag
"555bb02af27f869bad0168a95fb5cdd0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
45281bff-5338-40b0-946c-c1212518b8f1
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
link-with-icon.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
136 KB
17 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/link-with-icon.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d344ff76816bb38cd57cd56e5386601d9a3d2defd0b6a8d5321b4929db65dbec
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
b4556dc4-3547-4a5e-a920-503f6612b428
content-length
16672
last-modified
Tue, 17 Oct 2023 20:38:06 GMT
server
Cleversafe
etag
"2da3cc94d8d495bc6f53bb8e602a1eac"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
b4556dc4-3547-4a5e-a920-503f6612b428
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
image.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
132 KB
17 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/image.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
0fc1ffd7c6b0b952f94e417532ede23e2f88ddea35dce894f03ed7e9ebfc9cf4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
7f74d7f5-aa06-46b7-97ea-336df81e4c68
content-length
17474
last-modified
Tue, 17 Oct 2023 20:38:03 GMT
server
Cleversafe
etag
"85f1b75de2ec26a288c7767457d4b11d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
7f74d7f5-aa06-46b7-97ea-336df81e4c68
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
host-listener.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/host-listener.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d0f02fdf609ea86efc0155d8b7964bfdc08250b3920043644f831e7c28b4a9d1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d8617d01-529b-4135-be79-3403898c83f6
content-length
2026
last-modified
Tue, 17 Oct 2023 20:38:03 GMT
server
Cleversafe
etag
"c009c868a2a0a9dd11f72f881df47279"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d8617d01-529b-4135-be79-3403898c83f6
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
expressive-modal.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
128 KB
17 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/expressive-modal.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
39775316f5604b2e15e817b6bb60be3ced64a3d2dca29b4f49575617ab807d9a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
e6f48043-99c4-4e88-a217-ba666cdc3400
content-length
17366
last-modified
Tue, 17 Oct 2023 20:38:01 GMT
server
Cleversafe
etag
"817b2f8e65c8620da46a61374935040f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
e6f48043-99c4-4e88-a217-ba666cdc3400
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
expressive-modal-close-button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/expressive-modal-close-button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c870aabc7adf8c354ea4a86cab2e1e6d254c829247988df9f26e6e78778d1d8a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a29d31d1-78c7-4802-be10-4cdd641e73e6
content-length
3601
last-modified
Tue, 17 Oct 2023 20:38:01 GMT
server
Cleversafe
etag
"5add5ff68d4f62c4784c206b06f6ffb5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a29d31d1-78c7-4802-be10-4cdd641e73e6
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
modal-close-button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
80 KB
9 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/modal-close-button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
40e39a2a1a1a5149a3303e38b732ac43b1c69edba7b42ab2d8688429a0fcd244
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
fbe20c28-6a53-45d5-972e-d9a89861740d
content-length
9144
last-modified
Tue, 17 Oct 2023 20:38:09 GMT
server
Cleversafe
etag
"d7308d403b9417d7526cfae154932d4c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
fbe20c28-6a53-45d5-972e-d9a89861740d
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
202.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/202.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
588b5f84ecbbc7124ca8a9e90d2a80a3c8157db7898467e7b23a5d735c9e78fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
5dea0c19-b9f5-498d-a7c5-d8bfe19a68df
content-length
1252
last-modified
Tue, 17 Oct 2023 20:37:53 GMT
server
Cleversafe
etag
"9f01516ec7d07c264e22f282a5584408"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
5dea0c19-b9f5-498d-a7c5-d8bfe19a68df
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
spread.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/spread.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
64541d6d00c236d45a4b46b189a5adbd2336349ed8fbebee9e03a9e0b6e823fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2f994bc9-cbe6-4cb8-9dcd-b2017b136877
content-length
1268
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"92191be29d1a12e0168221ffe8116f90"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2f994bc9-cbe6-4cb8-9dcd-b2017b136877
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
lightbox-image-viewer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
134 KB
16 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/lightbox-image-viewer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
acc61f08e979d54268daa7615e1121c83687a2eece1a1de04ca00a6aad397e69
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
7995e4d8-abee-4b6d-bd82-ada4aee0cd68
content-length
16417
last-modified
Tue, 17 Oct 2023 20:38:06 GMT
server
Cleversafe
etag
"70f7892951d80b2fb318b6b4ed2ba148"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
7995e4d8-abee-4b6d-bd82-ada4aee0cd68
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
81 KB
11 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d86a381a8750a3e22956160bca45b26a41ae9068078382f7db7b59bca0962739
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2bdaa1b8-529f-41dc-b334-aefb490e0e16
content-length
11105
last-modified
Tue, 17 Oct 2023 20:37:56 GMT
server
Cleversafe
etag
"1d4b014808262e448f4a508d01c3f4c2"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2bdaa1b8-529f-41dc-b334-aefb490e0e16
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
modal-render.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/modal-render.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
cffb5b48affdb7d28dce91917fcff0c53b351c3a4e37fb974d011a6865dbcd64
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
4f630f3e-bd3e-431f-83db-a4dc782f70ef
content-length
1654
last-modified
Tue, 17 Oct 2023 20:38:09 GMT
server
Cleversafe
etag
"4990ffaa0c9c4346160801d3e1afb964"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
4f630f3e-bd3e-431f-83db-a4dc782f70ef
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
settings2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/settings2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
494ad745441a0e2121bb9da59b9fe7b5281abf4454698c9633a1b4bb99f50789
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
cb72a31e-d281-47e3-9840-8f0ebfc12f25
content-length
1025
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"5963774aea01a2863d2e89d01b677a4d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
cb72a31e-d281-47e3-9840-8f0ebfc12f25
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
formatVideoCaption.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/formatVideoCaption.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
16302338afc2c7ecff024cad37c76d5ead033b25fcf4ba6354c6a31cffe8ae34
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
7a0c4854-9f35-4042-b44f-9d1319408e76
content-length
1194
last-modified
Tue, 17 Oct 2023 20:38:02 GMT
server
Cleversafe
etag
"0cacbe5eb1d62af587312aa706ad92f7"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
7a0c4854-9f35-4042-b44f-9d1319408e76
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
video.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/video.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
ab94e9181ccfa0fbd37d9523154d1b8e27825737b0228d14e2ef14396d1d9f2d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
faba9082-706b-4f61-964c-c40f904120fd
content-length
3606
last-modified
Tue, 17 Oct 2023 20:38:19 GMT
server
Cleversafe
etag
"52eb19c9761145ed213e92d81970febf"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
faba9082-706b-4f61-964c-c40f904120fd
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
203.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/203.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
04b235fb0434ba2996a7adad1f77b7044133f11d7a0fd1fbdde3c027d761a7e5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
cc8cfcda-7349-4c94-9d9f-f62d8caf6c89
content-length
1241
last-modified
Tue, 17 Oct 2023 20:37:54 GMT
server
Cleversafe
etag
"77256b516144911d2a1db4d9bbbec384"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
cc8cfcda-7349-4c94-9d9f-f62d8caf6c89
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
defs2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/defs2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c0c68ee99978a72f6b30031323c8b4793e97e24ff03adb6edb22ffa7d5d6a24a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
14a624f1-b2ca-484f-b991-e19b01c8ae4a
content-length
1236
last-modified
Tue, 17 Oct 2023 20:38:01 GMT
server
Cleversafe
etag
"1f064723fd185b9ab855b837ea1d572a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
14a624f1-b2ca-484f-b991-e19b01c8ae4a
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
KalturaPlayer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
8 KB
3 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/KalturaPlayer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7d3fc3b7ea2776d037257e1e175a66e3bb1ac7f103ce474549d6a3e0a6645c8b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
93f994d3-f5a8-4894-b728-359f4724f97d
content-length
3200
last-modified
Tue, 17 Oct 2023 20:37:55 GMT
server
Cleversafe
etag
"209be7129b0979c6259cd6a1a71108ac"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
93f994d3-f5a8-4894-b728-359f4724f97d
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
index2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/index2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
9ac3e156c0e504af177fa04ebb5c234c264b794c0dd636025c8c814e60a1c592
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3314edb1-e48d-47d5-8f07-2b547ccd7e92
content-length
4076
last-modified
Tue, 17 Oct 2023 20:38:03 GMT
server
Cleversafe
etag
"e2be6fe9de2ca0c4ac63da7471e721c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3314edb1-e48d-47d5-8f07-2b547ccd7e92
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
Analytics.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
6 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/Analytics.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
08817ef016d047c4d049551225dbedb8f1e96ac53af38f8bc70c65e0ed90ac8d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
8c287a36-1ad0-4a3d-9cb1-89b6f3c07ec4
content-length
1986
last-modified
Tue, 17 Oct 2023 20:37:55 GMT
server
Cleversafe
etag
"15cb6769a2b17fd4c928a09762ec1687"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
8c287a36-1ad0-4a3d-9cb1-89b6f3c07ec4
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
index.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/index.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e94dea6a076445d2063bbe7101fa33c8fb6cdd723863eb5c25eeaa81e3736b16
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
8143e8e8-9501-4318-b6ed-26e636a45c21
content-length
1057
last-modified
Tue, 17 Oct 2023 20:38:03 GMT
server
Cleversafe
etag
"7452bc45639068c36eb711cd01030901"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
8143e8e8-9501-4318-b6ed-26e636a45c21
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
232 KB
23 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
06f22cc39b965efddd2d8217790e7208ab61420129339a1dc960829719dd5137
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2158e52f-8797-407b-aa2b-2e231b551733
content-length
23505
last-modified
Tue, 17 Oct 2023 20:38:01 GMT
server
Cleversafe
etag
"3bc779eeb89c8bc8fe07beb66db73cde"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2158e52f-8797-407b-aa2b-2e231b551733
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
index4.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/index4.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
27f02b94e79640b905bf25c89495d09fb0950faeea56a852e10f855f12c56d85
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
797c1614-c27f-4ba8-ba48-bd50288c4c96
content-length
1113
last-modified
Tue, 17 Oct 2023 20:38:03 GMT
server
Cleversafe
etag
"afcae01440d8fa4cf6ef7fcaac6dbe49"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
797c1614-c27f-4ba8-ba48-bd50288c4c96
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
sameHeight.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/sameHeight.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e700120f7653aa6fb3ee2a44706e4003a4e33a55821f65b337b7b37314c28dee
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
b9d6c614-cd16-4890-9360-36b79abb2c91
content-length
1191
last-modified
Tue, 17 Oct 2023 20:38:17 GMT
server
Cleversafe
etag
"43811e9341aa61075ddc68775c83db93"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
b9d6c614-cd16-4890-9360-36b79abb2c91
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
23 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
a6d5adaf3a68ff52fcdcf50861572525528e6dbb2199724333e23f7367f9fb16
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f4fb4dc6-0c23-4b81-887c-3071272e2c8c
content-length
5049
last-modified
Tue, 17 Oct 2023 20:37:56 GMT
server
Cleversafe
etag
"42a703cd63d04acc52291a79b711f540"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f4fb4dc6-0c23-4b81-887c-3071272e2c8c
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
play-video.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/play-video.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
8de86f9f9306473b042dfe2d1bbb7156b2d3561b82706e54f9c4c1f7022d4964
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
52b1829f-0fe7-481e-b301-41f968a3ef1f
content-length
4530
last-modified
Tue, 17 Oct 2023 20:38:10 GMT
server
Cleversafe
etag
"9802775471c80bbb3d804d642b9216ff"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
52b1829f-0fe7-481e-b301-41f968a3ef1f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
spread2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/spread2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
64541d6d00c236d45a4b46b189a5adbd2336349ed8fbebee9e03a9e0b6e823fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
69b9ca15-0bd3-4dd1-a847-8b612f2117ab
content-length
1268
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"92191be29d1a12e0168221ffe8116f90"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
69b9ca15-0bd3-4dd1-a847-8b612f2117ab
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
settings.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/settings.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
cff90ab35aaba7458a6fe8e6fd3889baf8e6dece0310efba27dd906458cd51a5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
476b9891-7e6a-42ff-bb3c-5823bb8e5bbe
content-length
1177
last-modified
Mon, 06 Nov 2023 00:58:30 GMT
server
Cleversafe
etag
"84819ca6f0733db054aed5a8f9a4cec1"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
476b9891-7e6a-42ff-bb3c-5823bb8e5bbe
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
stable-selector.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/stable-selector.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
2dd8e8669f0fe3be72caed1be0a1a1152998a0703ce47b2222404b2585e99dfc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3e38846f-b918-4e3c-9411-26a477e64ee2
content-length
1733
last-modified
Mon, 06 Nov 2023 00:58:30 GMT
server
Cleversafe
etag
"7f8726b968e47332ffa78dc90ca0a064"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3e38846f-b918-4e3c-9411-26a477e64ee2
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
carbon-element.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
32 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/carbon-element.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
78af1cdf1d62b4344795b5858e53e4fda51359566bd86a633ce7768a0e494825
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3c1a864f-9b19-409e-91f4-3c1c9cde1b7f
content-length
8364
last-modified
Sat, 04 Nov 2023 23:59:28 GMT
server
Cleversafe
etag
"3d4cd269d846ff69d30c8c32771effd6"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3c1a864f-9b19-409e-91f4-3c1c9cde1b7f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
content-section.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-section.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
350f51428ceea4f17016885aa3fb82d8ee563e948cee80abf3f6c0a907097599
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
96801bf7-27d7-4bb0-adf4-eafadf013149
content-length
3937
last-modified
Sat, 04 Nov 2023 23:59:33 GMT
server
Cleversafe
etag
"64f8b519ff525c9f1781504757093c16"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
96801bf7-27d7-4bb0-adf4-eafadf013149
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
17 KB
6 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
45510ed788cdc0a18d79412e1fda8fa82d4393b063f11f10cb2f145b925d2139
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
98b4103e-3681-4fb2-8fad-d69d2e4128ba
content-length
5416
last-modified
Sat, 04 Nov 2023 23:59:29 GMT
server
Cleversafe
etag
"f0dbfc40f8801dab103bef33fc44711e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
98b4103e-3681-4fb2-8fad-d69d2e4128ba
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-eyebrow.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-eyebrow.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
a1a8fd1a12b0131a0e48aa5639c4c84592f4d214ff9b3dcc19fae66cce7e1aba
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2b9f2a2a-7120-411c-8cfe-b4ab129ff7a3
content-length
3613
last-modified
Sat, 04 Nov 2023 23:59:28 GMT
server
Cleversafe
etag
"a959ea8601517c5ccb45a5028e0f9861"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2b9f2a2a-7120-411c-8cfe-b4ab129ff7a3
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-footer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
13 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-footer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
dc65ba5a418ecb5dbbada6d80e8a5f1fecb3cd618a4958d8f0bbe9f10c3b1fd6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
6d5b3393-46bc-41ba-a736-08e6f93cdd20
content-length
4446
last-modified
Sat, 04 Nov 2023 23:59:28 GMT
server
Cleversafe
etag
"bacc8da1965e59775baec2477d7c0171"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
6d5b3393-46bc-41ba-a736-08e6f93cdd20
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
4fb9fc84ae9e963f8128445e4d7b63277d09475e4395a61fae6c2176ef28d267
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
ddea04c0-b020-47dc-83ca-c5d0f4369f97
content-length
3863
last-modified
Mon, 06 Nov 2023 00:58:04 GMT
server
Cleversafe
etag
"c8e87d22e92a4693df501d9d916eecdd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
ddea04c0-b020-47dc-83ca-c5d0f4369f97
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
image-logo.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/image-logo.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
aac50e2336e7a537f3ad867240e349639cd33282b3cc40c9d5668a1e0b0db4cb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
fba93eee-91aa-4c8f-923c-8851d6cdd5e1
content-length
3710
last-modified
Sat, 04 Nov 2023 23:59:36 GMT
server
Cleversafe
etag
"8182e8fad6fadac990e7ef64cf9d9196"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
fba93eee-91aa-4c8f-923c-8851d6cdd5e1
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
tag-group.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
45 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tag-group.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7bcb04c9697cc11618e7d7fb4e6b357530b7e779fdb16b23cea3c9d52ab53c2e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
39869ca6-08af-49cd-baee-8d0dd046c12b
content-length
8068
last-modified
Sat, 04 Nov 2023 23:59:58 GMT
server
Cleversafe
etag
"749d9eaf9cdf07705f828770377783bd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
39869ca6-08af-49cd-baee-8d0dd046c12b
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
tag-link.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
44 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tag-link.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1d5169c036684aea1474c6b1fd92bb02bb34e13de0293188cea9c718e7950fad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
0fce9d56-3d7b-4d06-9dac-bf55cabbb099
content-length
7936
last-modified
Sat, 04 Nov 2023 23:59:58 GMT
server
Cleversafe
etag
"c666144e168e23a450226d6c709e85d0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
0fce9d56-3d7b-4d06-9dac-bf55cabbb099
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-cta-footer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-cta-footer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
ada49e5c38aa38ae857b0b8806b41788dc2a4f3845c4717da30baf3e14313265
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2b22b113-bee4-403c-8381-d25084c3484b
content-length
4148
last-modified
Sat, 04 Nov 2023 23:59:28 GMT
server
Cleversafe
etag
"72a03607a2f2bb3b9f451e61f2959aa5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2b22b113-bee4-403c-8381-d25084c3484b
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-group-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
329 KB
33 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-group-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
192227729ba30517442c20e43ee699f59cdb3b801c86a0b2fe9b59639881e371
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
bdfc1fe6-5b9b-42b8-b766-c570cfaec97d
content-length
33313
last-modified
Mon, 06 Nov 2023 00:58:04 GMT
server
Cleversafe
etag
"f49ceceab4430f12ba8d3e37041e1c46"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
bdfc1fe6-5b9b-42b8-b766-c570cfaec97d
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
content-section-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-section-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
332057640e22e0ddfc0a657c5b844d833b6e48ead6dbe24cd1b2f9e6ada20373
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
827bce58-a59c-408b-b37b-d54d687be358
content-length
3853
last-modified
Mon, 06 Nov 2023 00:58:08 GMT
server
Cleversafe
etag
"352a61dbde42c54458294d427776de33"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
827bce58-a59c-408b-b37b-d54d687be358
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
content-section2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
81 KB
9 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-section2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e1fff56002d3946dd7c79b2cb93a55291d4a97818be06047dd187419dc4a06ff
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
b86e61ae-69b3-4591-9044-a85c4992dc09
content-length
8977
last-modified
Mon, 06 Nov 2023 00:58:09 GMT
server
Cleversafe
etag
"009b15d941d4deaf21a7972f55b536b1"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
b86e61ae-69b3-4591-9044-a85c4992dc09
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
link.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/link.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
351a42c63450da7b3b9b91766dfed6351ac06ad927b839eeb83a52496cd795f4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d0c7a431-d75f-43e9-982e-28503d3f05c5
content-length
3666
last-modified
Mon, 06 Nov 2023 00:58:15 GMT
server
Cleversafe
etag
"457de4c0b3e0a192d98665ffc188c957"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d0c7a431-d75f-43e9-982e-28503d3f05c5
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
decorate.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
10 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/decorate.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
0a7758377edd86ae9e438a98076928b5e634f2230f86b1b26ec2d2c8c21e0bea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2838ac35-6071-4ce5-b0f9-1475361f0901
content-length
3294
last-modified
Sat, 04 Nov 2023 23:59:33 GMT
server
Cleversafe
etag
"ad275fbdcf9364f13f18061fb4e6f668"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2838ac35-6071-4ce5-b0f9-1475361f0901
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
toPropertyKey.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/toPropertyKey.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
4c8f0bc66fefbbcd1b790e43518e3f1b4db6fc3ded4ff13e2875d6d76d3b0551
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a32ff68a-e7c1-43d0-a618-a7a1504e44d0
content-length
1242
last-modified
Mon, 06 Nov 2023 00:58:31 GMT
server
Cleversafe
etag
"044f4bda25a7f645d6899048ba221264"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a32ff68a-e7c1-43d0-a618-a7a1504e44d0
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
class-map.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/class-map.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e11445732cf434d9b573c7e891f414abea3a97c49f6c8b7f927094ec5ee48c69
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
8c685375-29ec-457b-b9b3-148094e7f7a2
content-length
1477
last-modified
Mon, 06 Nov 2023 00:58:05 GMT
server
Cleversafe
etag
"9c9e70a6934852d369258094ad87b3f5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
8c685375-29ec-457b-b9b3-148094e7f7a2
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
if-non-null.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/if-non-null.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
cdff66106ed5d07d4531bfa2f883e0ce47a719a579f79521a412b75ec25e3bb7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
95c3b0d5-fe29-4cbd-a632-1c53281be5fd
content-length
1041
last-modified
Sat, 04 Nov 2023 23:59:36 GMT
server
Cleversafe
etag
"960368698775f5b1e59f1180e0a6ca63"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
95c3b0d5-fe29-4cbd-a632-1c53281be5fd
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
if-defined.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/if-defined.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e3a1dd05339611c84ee60c9d03845819a8c4de3f04ee9ac4161949acf88d6249
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
7d5db19d-6e89-4057-be8c-56cdf86a2a34
content-length
1149
last-modified
Sat, 04 Nov 2023 23:59:36 GMT
server
Cleversafe
etag
"990dbded3c96960b71da1edfa7423dff"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
7d5db19d-6e89-4057-be8c-56cdf86a2a34
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
focus.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/focus.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
27d29c45e52622f5f8e062649d4415e6a22f35b1e173e635a9b5affbd4b69cac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
352b500c-aaf1-4d4d-9873-a4623d96a0ef
content-length
1110
last-modified
Sat, 04 Nov 2023 23:59:35 GMT
server
Cleversafe
etag
"a609d85a6cf6b7d73178a7dfb96c72c6"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
352b500c-aaf1-4d4d-9873-a4623d96a0ef
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
settings3.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/settings3.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
fbd656e9c30ba6b8cdf83393b4d8e23ad8b919e5b7df32bd29f8069bf193c721
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
199e6891-b84a-4fd1-b5e2-a76a505ee089
content-length
1469
last-modified
Mon, 06 Nov 2023 00:58:30 GMT
server
Cleversafe
etag
"23900af6e3796061adf17b76437a310f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
199e6891-b84a-4fd1-b5e2-a76a505ee089
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
marked.umd.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
73 KB
25 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/marked.umd.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
5535c6eefeb1b9b801618860f012d78fd66e3142e12271dffceb858181067473
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
c875ace3-81ae-422f-b7b0-7137ddc9e432
content-length
25666
last-modified
Mon, 06 Nov 2023 00:58:15 GMT
server
Cleversafe
etag
"191601362465bad6b2474dfd3c94741c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
c875ace3-81ae-422f-b7b0-7137ddc9e432
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
_commonjsHelpers.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/_commonjsHelpers.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
515b7597687252e042a8cafb23f4e5676a63c654f0dca9897d30c1717c283d47
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
9f08a593-ea74-42dd-80c8-550e875fc154
content-length
1106
last-modified
Mon, 06 Nov 2023 00:58:02 GMT
server
Cleversafe
etag
"764b0584c8f16d3178067fead82e9106"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
9f08a593-ea74-42dd-80c8-550e875fc154
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
striptags.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/striptags.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
89c408d56226d22fdb22eabbb7e0d6b91c3801fa61b87d5a0bba0b3636a811b1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
cd6bcb43-d97c-4b48-9d9d-427438af2a80
content-length
1749
last-modified
Sat, 04 Nov 2023 23:59:57 GMT
server
Cleversafe
etag
"dc2d61059b32f3a22e4a84ca66aaf97c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
cd6bcb43-d97c-4b48-9d9d-427438af2a80
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
defs.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/defs.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
2245baa305bbb28e3b75fef91666d4ad89cef15a96ed5662ec2f97e78ac79c15
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
33db5874-eeb6-44f0-8585-bebb223352bc
content-length
1078
last-modified
Mon, 06 Nov 2023 00:58:09 GMT
server
Cleversafe
etag
"477ab9c82df6b7bdaea7c843e723b19a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
33db5874-eeb6-44f0-8585-bebb223352bc
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
204 KB
20 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
9f5ba914c0bb3d4d49bca654188d9977889f175b9db0736b6880f912a548a55e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a2dbb881-4ee5-407d-9175-d06f7d8d86a7
content-length
20644
last-modified
Sat, 04 Nov 2023 23:59:29 GMT
server
Cleversafe
etag
"eeb4c806b967efd4ffa31cbfbaf5420f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a2dbb881-4ee5-407d-9175-d06f7d8d86a7
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
link-with-icon.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
136 KB
17 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/link-with-icon.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
60500125f4a0acf2b006e48b9676d5113eff2db0accc9063e989aa4cb3612009
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
945ac75c-ce59-4c85-ae08-780c78b8b3ff
content-length
16672
last-modified
Mon, 06 Nov 2023 00:58:14 GMT
server
Cleversafe
etag
"754aaede84d5bf42fc69dca400543405"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
945ac75c-ce59-4c85-ae08-780c78b8b3ff
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
image.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
132 KB
17 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/image.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c8bef46109f54969e5ba696561e3002fa41eded7e6fb3ebe8103ae07714a9170
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
fa6197c1-731c-4220-abd0-fc9a54c1fcb2
content-length
17474
last-modified
Mon, 06 Nov 2023 00:58:12 GMT
server
Cleversafe
etag
"1968b4290ce849d877432576ae706dba"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
fa6197c1-731c-4220-abd0-fc9a54c1fcb2
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
host-listener.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/host-listener.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
4fe194ab21fc3a14a9f1107091b8141fc461e7cbb0b6430deb925fde9a86dc5d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
96965b0d-5b28-465c-92f3-836e9a3f4d08
content-length
2026
last-modified
Sat, 04 Nov 2023 23:59:35 GMT
server
Cleversafe
etag
"b9d121cd9be133a38e03c80affae465a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
96965b0d-5b28-465c-92f3-836e9a3f4d08
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
expressive-modal.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
128 KB
17 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/expressive-modal.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
6ec5c233f0b18f0e432f5697a291f9c23853c9c3baeebdbe4a614bdc6cb26919
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
193ecb3d-d059-4d45-b06f-4c08782a8e07
content-length
17367
last-modified
Sat, 04 Nov 2023 23:59:34 GMT
server
Cleversafe
etag
"a50dac831fb512e6ea50bb842e1c32f0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
193ecb3d-d059-4d45-b06f-4c08782a8e07
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
expressive-modal-close-button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/expressive-modal-close-button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
f0a0f0a4b2d759a8835534898f86e94c86ec878671320004233fb580ca540c84
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
03d62117-c2de-47f5-bffc-c3d9691e8e06
content-length
3601
last-modified
Sat, 04 Nov 2023 23:59:34 GMT
server
Cleversafe
etag
"b2eba4e26e61a6d31e0f5d93549674bf"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
03d62117-c2de-47f5-bffc-c3d9691e8e06
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
modal-close-button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
80 KB
9 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/modal-close-button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7dd7f11627e1ad73c79a4b8197892b5f3892039b3482fdbcc62495c1a1244b0b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
46df31fa-3cde-4c24-8a46-c5f7594d05cd
content-length
9144
last-modified
Mon, 06 Nov 2023 00:58:18 GMT
server
Cleversafe
etag
"67015eb789ac441050f80c7c3541720e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
46df31fa-3cde-4c24-8a46-c5f7594d05cd
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
202.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/202.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
5332f7be0c1e727604740ec11ed47a59287fc95d8b05cf97da5f225cdbe8c429
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
358006d1-4fa1-4cc0-99b5-4c8f3ca58f6c
content-length
1253
last-modified
Sat, 04 Nov 2023 23:59:26 GMT
server
Cleversafe
etag
"780079358d5a2339c2a9091efefbee19"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
358006d1-4fa1-4cc0-99b5-4c8f3ca58f6c
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
spread.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/spread.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
99b96fc4b91ac2d223c6efc6fab6097db4d616caa626ee90030d2a9ae63d46d3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
ed47e4d8-19e4-4b99-9510-10de5d1b18e9
content-length
1268
last-modified
Sat, 04 Nov 2023 23:59:57 GMT
server
Cleversafe
etag
"92e1b2462487bb439e58373b167ad126"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
ed47e4d8-19e4-4b99-9510-10de5d1b18e9
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
lightbox-image-viewer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
134 KB
16 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/lightbox-image-viewer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
792b017f865b1a31cbf7a7c802ab9d05d1bd28596bc15a33bfc58edcd84b2aa1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
e2ad98de-b3d8-4a1c-9c47-91d37da51767
content-length
16417
last-modified
Mon, 06 Nov 2023 00:58:13 GMT
server
Cleversafe
etag
"7cfc2e5e4e61eb5c2847ed6040383476"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
e2ad98de-b3d8-4a1c-9c47-91d37da51767
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
81 KB
11 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1a42916b367342229c06b3cf94f122aa8c58c9f4f23b6e42f016f01f99bd6e0f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
79061c50-7c5c-439f-9a6c-26e17a79f6ad
content-length
11105
last-modified
Sat, 04 Nov 2023 23:59:27 GMT
server
Cleversafe
etag
"ff36c3a1e4d9f4d620d3896358ab6a92"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
79061c50-7c5c-439f-9a6c-26e17a79f6ad
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
modal-render.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/modal-render.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7ffaf29b87a34332eff2bfeed40df69611fdb31b2acb6c413f240a553a60ea0a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
81e68a28-e270-48c6-9c8d-8af372980f27
content-length
1735
last-modified
Sat, 04 Nov 2023 23:59:43 GMT
server
Cleversafe
etag
"586ab097cc2ec4249e68e7e8b86df825"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
81e68a28-e270-48c6-9c8d-8af372980f27
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
settings2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/settings2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
86c3d32e24dcbc0dfa79692ff1ee28978811da8c2d12a9067cf13a37928da4af
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
53ba43de-62bc-4eb1-bf16-60f237ebaf38
content-length
1026
last-modified
Sat, 04 Nov 2023 23:59:57 GMT
server
Cleversafe
etag
"f283643888eb984b8bfa8f87ba8887d3"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
53ba43de-62bc-4eb1-bf16-60f237ebaf38
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
formatVideoCaption.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/formatVideoCaption.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d69fad25dcdb27b58042a06c3b8bf85918aae966b3cf970d9b2ec57a6342a93d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a007ae6b-dc30-4ade-b5f7-b4ededeff24c
content-length
1194
last-modified
Mon, 06 Nov 2023 00:58:11 GMT
server
Cleversafe
etag
"cae93bcce1e4a61a74f9f855824e6674"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a007ae6b-dc30-4ade-b5f7-b4ededeff24c
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
video.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/video.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
3eae5bd86b425501f957fb101f82557039973c1c5c1f04a3af57ba6a4b9b7716
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
7962d67b-95bf-41ff-afcd-30333bfda1bc
content-length
3606
last-modified
Mon, 06 Nov 2023 00:58:32 GMT
server
Cleversafe
etag
"d8c66b8e80ec22796690c30935ee7bca"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
7962d67b-95bf-41ff-afcd-30333bfda1bc
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
203.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/203.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
6908a14d13b6cd244881f31f0ee16e1c4a4881939ce0d9a8fb991bf0b50ed490
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f964edac-8b42-4f50-b170-e151029e5fb1
content-length
1241
last-modified
Sat, 04 Nov 2023 23:59:26 GMT
server
Cleversafe
etag
"e29d5ef5d4f5d165c2af7f0685bce752"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f964edac-8b42-4f50-b170-e151029e5fb1
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
defs2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/defs2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
9d93a1336940e518d434495ffac563a82772b0be980c5aac1b41a4af3ff4a360
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
da009fa1-6d29-4a61-844e-91620b637973
content-length
1237
last-modified
Sat, 04 Nov 2023 23:59:33 GMT
server
Cleversafe
etag
"d4bfb770cdeb437d00f0f6a2d355dc3f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
da009fa1-6d29-4a61-844e-91620b637973
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
KalturaPlayer.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
8 KB
3 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/KalturaPlayer.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
97f698db61191883189e51243d3cbb3b18e7afaf8e09b1a87c9f02d85abdd11a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
28e7f478-dd94-408e-802f-b3c321369da8
content-length
3201
last-modified
Mon, 06 Nov 2023 00:58:00 GMT
server
Cleversafe
etag
"42ea58d9f309c6502bab84b3c10d99bc"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
28e7f478-dd94-408e-802f-b3c321369da8
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
index3.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/index3.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
2c8ba3832f267ff1339157aab74084f92bd1a803bde8b112f822ec63f736d339
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
352eb63c-51b5-451e-9df9-75f3270141a5
content-length
4081
last-modified
Mon, 06 Nov 2023 00:58:12 GMT
server
Cleversafe
etag
"cd10bb9dbffb96342e63194eee23ce87"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
352eb63c-51b5-451e-9df9-75f3270141a5
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
Analytics.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
6 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/Analytics.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
66275ecb70fefd392ce2e1f1f16a62b0875e4b8ff98fdcfd5a0fa5fef86a0aad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
e56b70e2-d105-4c93-ad2e-d9857953e44a
content-length
1987
last-modified
Mon, 06 Nov 2023 00:58:00 GMT
server
Cleversafe
etag
"48689bdc5106898fbd103a09451ae57c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
e56b70e2-d105-4c93-ad2e-d9857953e44a
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
index.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/index.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
f9f7422b25370825ab0cef89fabb4d02139cb2077319d3e75cecaa014508489b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
05bf5dea-d956-4d3c-8349-f05413647bd2
content-length
1057
last-modified
Sat, 04 Nov 2023 23:59:36 GMT
server
Cleversafe
etag
"47d64e0198f9abe8c605200899233f30"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
05bf5dea-d956-4d3c-8349-f05413647bd2
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
232 KB
23 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1576c2907a73940c1be9b413e1c56ada9dbca5d762068ec1b7feaced8078cab5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
88f87d0d-d00c-46f7-a71c-eb9a5dea5eaf
content-length
23505
last-modified
Sat, 04 Nov 2023 23:59:33 GMT
server
Cleversafe
etag
"4777076fd52b5d8456f78e27a5c1cc3b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
88f87d0d-d00c-46f7-a71c-eb9a5dea5eaf
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
index5.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/index5.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
0f4df07a6dceb54650fb871363381c8206a005c7eaa97daab9a004b165c1af59
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
0223bc34-6c52-467b-9332-638c1339404e
content-length
1114
last-modified
Mon, 06 Nov 2023 00:58:12 GMT
server
Cleversafe
etag
"8d2c019e7db07729eb51a57b59f696c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
0223bc34-6c52-467b-9332-638c1339404e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
sameHeight.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/sameHeight.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
51d0384096ea89a36841bb111a9d595e88500727bbaacdfcad190b8838f32c7b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
efd14c28-cbf0-4196-9ca9-a9d7a9f94277
content-length
1191
last-modified
Mon, 06 Nov 2023 00:58:29 GMT
server
Cleversafe
etag
"255e13173f70a7cebbc3281f8509ac16"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
efd14c28-cbf0-4196-9ca9-a9d7a9f94277
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
card-cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
23 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
db4f572bc91cee1dab0fc799b5bc3352e38dab65c7126f68deb5555960161728
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
dc5ebaa6-e9e1-4161-a8ad-25c08a3d5643
content-length
5049
last-modified
Mon, 06 Nov 2023 00:58:04 GMT
server
Cleversafe
etag
"0158d2b508b02074117c8c42fbbadc69"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
dc5ebaa6-e9e1-4161-a8ad-25c08a3d5643
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
play-video.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/play-video.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
0ced51538d4e0744bfb9dd4c93df7935ee72a727fa922eda829ec18fa1b20ee0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a98c2ca8-53e4-4ed8-9627-a8cb42fecebc
content-length
4531
last-modified
Sat, 04 Nov 2023 23:59:43 GMT
server
Cleversafe
etag
"7a4e6843aff6f8c26c56bd7efdbbe268"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a98c2ca8-53e4-4ed8-9627-a8cb42fecebc
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
spread2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/spread2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
99b96fc4b91ac2d223c6efc6fab6097db4d616caa626ee90030d2a9ae63d46d3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
db2c241f-0d11-4873-9df6-318a996fe0f3
content-length
1268
last-modified
Mon, 06 Nov 2023 00:58:30 GMT
server
Cleversafe
etag
"92e1b2462487bb439e58373b167ad126"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
db2c241f-0d11-4873-9df6-318a996fe0f3
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:09 GMT
b3df9c58-1226-4358-bd3e-6ae3ba5c02e4
https://securityintelligence.com/
1 KB
0
Other
General
Full URL
blob:https://securityintelligence.com/b3df9c58-1226-4358-bd3e-6ae3ba5c02e4
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:45:30 GMT
x-content-type-options
nosniff
age
228337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19156
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:04:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 19:45:30 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:09 GMT
age
492897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3941
x-xss-protection
0
server
sffe
etag
"aef77be21ea5e253"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:09 GMT
logo-white.svg
securityintelligence.com/wp-content/themes/sapphire/images/
8 KB
4 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/logo-white.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Wed, 26 Apr 2023 13:09:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2136-5fa3cf3e8f926"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXlXTYKc9Xa46qXoyr5MM7WaqD7SRFX4uVoM2eO0IqrJv6Zhph4r1xEmP0OJUoBidxoDPpSGwYQNK%2Ff4XPrfxMFf%2Ba%2FgKU3Fvwqo4lCYd2stoJVPsy6IfC7QWb4q61gsjyU%2BW5g4nG1XZmHzqqeI4af3ZJgSeZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d37b2d371c-FRA
alt-svc
h3=":443"; ma=86400
loading.svg
securityintelligence.com/wp-content/themes/sapphire/images/
564 B
939 B
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/loading.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1697812249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
44a55e68b0089ee691777917ed9bf22f764251c0a7f0253024a8b27c2278a8c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1697812249
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Wed, 26 Apr 2023 13:09:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"234-5fa3cf3e8706e"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4fZkLHsuaKvJGI8cp2e7wXvM3P70s7ml8hpd5jS3TXvxiDu9rqOBFMU9KicYqQC0NeR73SndPjy7KHzLc4v%2FRNMGvfnVBTsa1QVcyQm6R95%2FTXA%2B96men5mJBPC2%2B18jfRioHq7o3AYxNLM3XQUbWm6nA1U4xk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d37b2f371c-FRA
alt-svc
h3=":443"; ma=86400
search.svg
securityintelligence.com/wp-content/themes/sapphire/images/
951 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/search.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Wed, 26 Apr 2023 13:09:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3b7-5fa3cf3e92fd6"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOKt7RnKMyPOslADJaDx5WCyDqEf3Paijbtx9QNYlqWyyVaMnONxsjtVQsqnjDNh4kWd0HawZxf9oL9SG8kFek%2FqN39nrlDY22eMjpELpQx4ERHCdhmFF05hJUX2ytaXPSAr%2FPSrassbDoa8nIzsi1B3mRSWA1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d3ab7d371c-FRA
alt-svc
h3=":443"; ma=86400
close.svg
securityintelligence.com/wp-content/themes/sapphire/images/
455 B
854 B
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/close.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Wed, 26 Apr 2023 13:09:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1c7-5fa3cf3e203e4"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nI3kPzniEnlrhqInsd09MMUL2LEwyxMOXsh35yaJ5aKxF0e5a5dK%2Bou7dVVLvJ7scblBXHpbZuA74zFJBnDaJP4zgnRWkP39F8oPSlzBvaVLoHmH6ku6ZTvJOKN4ZyNNuViKgOXe7LaWBaNCUX%2BOguXuZ3cJsGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d46c65371c-FRA
alt-svc
h3=":443"; ma=86400
scroll-to-top.svg
securityintelligence.com/wp-content/themes/sapphire/images/
715 B
996 B
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/scroll-to-top.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Wed, 26 Apr 2023 13:09:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2cb-5fa3cf3e92fd6"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc%2FLlmC7fRn%2FPhpC5ujPDpJZACuo%2BkgFP%2BQUG%2Fhx1bYKF%2F2NiErA%2BG59SoxiqCS628Ebsc3Xw3rPLsUtlYEyPO%2B%2B4n8jz8jwVKyDbeYPEeuThhJ9%2FoxGuRDEjCsZ%2FC7XfSf4WVIPcy8hF8%2BjYzsohsEQmtX1gsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d4acc2371c-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17d13eff6604c141128b7dc1e6a70477dbc612d45444ae93adbf710a5305af74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 13:36:14 GMT
x-content-type-options
nosniff
age
250493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20356
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 13:36:14 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb18d4166211ffb4d0b77cd388bfbb4d89718a11ba413ee5fbca320fe0f2cc2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 21:49:07 GMT
x-content-type-options
nosniff
age
134520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20004
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:29:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 21:49:07 GMT
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd8cf80ac0e7f7fa126a0cbe0f16d568325a156ca744e8f1e6aef14a9f23e2b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 07:24:05 GMT
x-content-type-options
nosniff
age
272822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20352
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:04:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 07:24:05 GMT
Plugging-a-USB-cable-into-a-port-of-a-laptop.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/
12 KB
13 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/Plugging-a-USB-cable-into-a-port-of-a-laptop.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
0640549e1c4e2c3a07e648ab3c5a4684fdf19fdfb273f9830ddf93efb1db8fe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6839
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
12692
pragma
public
referrer-policy
same-origin
last-modified
Mon, 30 Oct 2023 23:55:01 GMT
server
cloudflare
etag
"3194-608f7c4306263"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qn6%2BasjepN%2BReoBGQXOz%2BPvSPAcOJ5dHx13i0Bp8Kvd9%2B7oVdTBESMboLUm97%2BA4Sfh3aDFd9uffW8WEUwkuMWJ0foBcNU2ExXxEdlxCWiKJn1nqwqfE1%2BM1RXrd18g24N6Pg5Q0rcD7fEY8jdHb6o%2BRH5aKZ4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4d56dfb371c-FRA
twitter.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/
551 B
947 B
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/twitter.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
51b55d095033da97c0b57b7d02035cec0064e83018d9c04378e98fd72336ae0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Fri, 13 Oct 2023 15:11:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"227-6079a770e18a1"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jdxfPiVCV2UXmrDyb3R%2BQzVGAt3ZIKQ7EquH8Br0ozTQmJEOuc4Ce%2FmSY5ihSstkepo0%2B%2B9DkAVHWnWVxOHVPzlYGp5zzGhL23A5UOmBUvzMd0QCK33rrOXRvdiUMRfDxKY%2BomWzhz7%2F%2FSjj9Rx%2BOr0ZcjPXOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d56dfd371c-FRA
alt-svc
h3=":443"; ma=86400
linkedin.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/
693 B
978 B
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/linkedin.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
d2f5cf75a63fc6050035c507c308b27f1298db9c178bf0a98e852041d3bf574d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Fri, 13 Oct 2023 15:11:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2b5-6079a770e18a1"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhN0vnOpZvw522I7GauTwBwRr%2F%2B8%2BM6saAsQrcsjxM1xpR7%2B12EsjrVOY%2FaZHoxURnAkLLCzLy1tXhYIJbCBz8f2%2FvIehFCbNlNtnWjulH%2BejQKsIuC0A2dYWiYzbl5ApC2n0NN4ioLfJ7GCxsnr6SPmZeTVc00%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d56dfe371c-FRA
alt-svc
h3=":443"; ma=86400
facebook.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/
822 B
1012 B
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/facebook.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
4d4cb2bdcedfe67851df0a0098e36c6fecb22a3832cb46e59f663e37169cdd14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Fri, 13 Oct 2023 15:11:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"336-6079a770e14b9"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nvP9rSs%2BkUDDOhsRngWfRktsm02EoWFqqtQOzh3NW6TKwSKe9dt6vZwijN%2Fohvkp886%2FoNpGWgsxgi8NmRusjEBxr7a%2B5lqE5ddqrUrMgWufuB%2F09%2FHs1sqVDkXz25afKoNSFlmPKaqpv1K%2BDRrxBDTZ%2BojuXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d56e01371c-FRA
alt-svc
h3=":443"; ma=86400
link.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/
3 KB
2 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/link.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
a70b9635dd7cebe8634aa78201f5533e14c7521c46462f036fc82feaa0dfddb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Fri, 13 Oct 2023 15:11:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b22-6079a770e14b9"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mU0Rn1DfNnAxp7sBVF4FcLHzpIn60Am1LwL7ZtIL1%2FBSk0PwzymFcJUkNKipmgFDf5bPPDQ8Y%2BDBX1PFij%2BgyEwZIwIpzc%2FP7Ira6%2FHoFWjHlADRMcGsYneoMp%2FpdwCAQVSs0Yn7ae0BXQS5vTvXM2XuII%2FPp0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d56e03371c-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
97 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a829e39c72843a8059c0822301e9be43990a985e09a81ebd27180fe4a5142b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b4521ab2b6b25c01f216412599cf2652debb77c047efa4a55cb8d777aaca73e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8bd98ddd87d5d989622372cf423dd4f13f20e2d418401b8239b6293e1f190b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
99 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40e7fb8685e1826b3dbc0c6b449afb8e3c028f9caaec522ef537cb002e3279f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f86c226defe3b41071d76e1ab54bdacaeec93a52f2387fe2622300ea9d2b9b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
823affe05448723d5a5e4cb1d3f35677954a760006a5aefb48068b4ad41b9c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d38e20d218c98ac4cc9b1a478be4b129af0d1a76e00252cdcc5687555f453cd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
684e7806452caf5297d6277a50b697d153779b3ee46ec9ffd7592f428e96ebf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
99 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ab25ed49d09ce15b8499cd6bb216afab5730ccbc9810f70178e3266e5b21bbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b1484bcad1f0edb07c38c2f967b9cf180b2bed0dcc3a13eabe32b2cfa4e897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b77f8ffe6dea7f6c7b7c27aa5a37afd1cea55c5e5efb7e9af524912d1b3876a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
97 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd272710c504a3193bc7e6abcf33aa69f0648e1219be6235a3dafe86e46a5bca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12b384ce247c0d08cabb68defdd3aca2830ca50abc152009a02e7e7bab4cc0b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62e8fe39e6549f7aa2fbfdd7a4bdf48937364b5427f669d7be4cc94da106096e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
99 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27be757f5178af3f83c7eda5ae26c3ac4c985c111bcbd0fdd0f6a6bff2819d92

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
99 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fca82f33b39819397c836a6359e51e92f018740cf47adb8946958c9139f8afa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
620f743f192276ff10ba3cd06a00e0fabd1805f4ba2a17cd44b8561aab9138d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3adb402306c2c52d918d6987b18c173c1ea4a3674170d418e838b1f680e946f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24d5f2b480d4f967e709f60a4b7b7553767ee42e11b1e60c2876114a5f0ef816

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
arrow-right.svg
securityintelligence.com/wp-content/themes/sapphire/images/
743 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/arrow-right.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1697812249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
03d81c05d2b7bcd709563806be145309333dd0f398a91885350953cda5a1a04f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1697812249
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Wed, 26 Apr 2023 13:09:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2e7-5fa3cf3e1c564"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BltoVT5srQeEx94yBNX4%2F4BirFeZXdlgn%2Fam5mets9JaTgekpkvbSVOyhT%2Fgo4ihdVsikS0QSA8xh6C%2F1hfFY1FZ%2BfN6YzF9fbfqcS4zK1m2BWw3SWKRdBuQA3WW4SYUXV09KXS%2FOp3ebX2eEuU40158Ewfw%2BO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4d5ce78371c-FRA
alt-svc
h3=":443"; ma=86400
Golo-Mu%CC%88hr-Headshot.png
securityintelligence.com/wp-content/uploads/2021/06/
9 KB
9 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/uploads/2021/06/Golo-Mu%CC%88hr-Headshot.png
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
e29570cc8b7dff7da0cf3846fb7e636b24ba9f0335830b126d61f466a72cf9a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
8710
pragma
public
referrer-policy
same-origin
last-modified
Tue, 29 Jun 2021 14:36:07 GMT
server
cloudflare
etag
"2206-5c5e886c491e3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26O1PExR6FHvGLG6kTKT3hERihgd3XjK%2FnsjFRwemJs96N%2BPdbFJU1YG%2BDcJddu4tsjUsjzH6M%2FWPAg%2FQnzoV1mAfErbGkVqxNGkVkWMhq%2BMPxFnxu5W5AU2boECANNnwHoB9gJIRKzetjkypyMvbHmpganvjls%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
821ce4d5de93371c-FRA
Zaboeva_8-JUN-20.jpeg
securityintelligence.com/wp-content/uploads/2020/06/
12 KB
13 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/uploads/2020/06/Zaboeva_8-JUN-20.jpeg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
d1af2872827294dc5109471ef33290c54f5f8426acc8632cda14db72a5368d85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
12364
pragma
public
referrer-policy
same-origin
last-modified
Mon, 08 Jun 2020 16:07:30 GMT
server
cloudflare
etag
"304c-5a794ceda1e65"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMx13MveGDt3fObr8CbbJdB3%2BirChWgzfOxuYmZmWoRREPEQp30%2FMrVO4iwQ6oGNzyipghiokHwqrRQDyQMkPoRDWoaf7xGfHEiFJmcbETi17w3%2FHYR3LaQG%2BjvvfQWrcs%2FkKNHU6hBSBNCBpIyW39Xcin3DuSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
821ce4d5de97371c-FRA
IMG_6039-scaled.jpg
securityintelligence.com/wp-content/uploads/2023/10/
367 KB
368 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/uploads/2023/10/IMG_6039-scaled.jpg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
4486175c960172520f189c0dd9036f440fde56a7ef6c93263bbab91e3e6d9172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
375786
pragma
public
referrer-policy
same-origin
last-modified
Tue, 24 Oct 2023 20:42:35 GMT
server
cloudflare
etag
"5bbea-6087c60f3653a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaemv25sIxBj%2B2pRpydyqaYupq8lpTn8LpYAwMvzroI%2FDIvBrk1AKd%2BXLIqyalZEBY%2BYPndJumtUuKQmnULNKV4jNd0s7U3cQ3rTC4E8X6KDYvFYG5rpXVlhiRuLDID%2BQ4tNahInPW2z8t7aK3j%2BbeJABbDepCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
821ce4d5de98371c-FRA
zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea7f53d0f3c0177b20a3604c7263e406013ea8def4fa82f7a09361a8ac6845c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:55:30 GMT
x-content-type-options
nosniff
age
404137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20716
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:58:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 18:55:30 GMT
Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
374c61fb8261a766c9a6d5d78a36047aa8f82ac86e5811008d3131de82795413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:52:25 GMT
x-content-type-options
nosniff
age
220722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19828
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:35:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 21:52:25 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e50fd20cc0430024ee9914d1b372f4d98d4490712ca7eb0cda9d786e3a2b07d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 22:26:07 GMT
x-content-type-options
nosniff
age
305100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19428
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:28:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 22:26:07 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdf398f0b57b04f7174b818d55ed5b1d0462802e2cd327aac8c11d2602ef39ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 17:46:12 GMT
x-content-type-options
nosniff
age
494695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19944
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:34:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:46:12 GMT
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 16:38:56 GMT
x-content-type-options
nosniff
age
412331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20064
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:58:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 16:38:56 GMT
carbon-element.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
32 KB
8 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/carbon-element.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
a550027dbe16ae842d3f4e3632f8ade0c352c147330698f518c38f8f87555989
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
39c31fce-2136-459f-8c0e-682f717a019c
content-length
8381
last-modified
Tue, 18 Apr 2023 01:06:20 GMT
server
Cleversafe
etag
"d20c717042ca6e86e8b66167330a4379"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
39c31fce-2136-459f-8c0e-682f717a019c
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
settings.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/settings.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1ce57fe09c3a2b9bb5703bfb387c57a91be0baae1d219771455dd3f8e1503dca
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
8d5cde8a-6169-416f-9599-8580a1a73917
content-length
1177
last-modified
Tue, 18 Apr 2023 01:06:40 GMT
server
Cleversafe
etag
"cde7729aaec872785f415e59f9d38a34"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
8d5cde8a-6169-416f-9599-8580a1a73917
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
stable-selector.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/stable-selector.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
c23269df2b82f8486814488d21a8e6e1ed55afae34877a44fc2573a5914a3cb8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
9e54bcfa-ab14-4233-bcd5-5efe2c7994db
content-length
1732
last-modified
Tue, 18 Apr 2023 01:06:40 GMT
server
Cleversafe
etag
"7e746dbccd83d336d34387680087702f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
9e54bcfa-ab14-4233-bcd5-5efe2c7994db
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-section.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-section.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1fad73efd1fa15b2d69d2ec0d65bf11d4d3bf5ed4681462c6ddf05b8259cfb5d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d717c5f5-23e2-40d8-9254-6426d74b02a6
content-length
3936
last-modified
Tue, 18 Apr 2023 01:06:25 GMT
server
Cleversafe
etag
"db8e2dfc6a48cfdd3dd9d741f81a17cc"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d717c5f5-23e2-40d8-9254-6426d74b02a6
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button-group.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button-group.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
148f5bd38cf3b8e0aec0003782dfbba92df960a30944bbe2f9f977213c762a5f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
b7cf201e-f0ed-456d-a6ee-c711bb9898ed
content-length
4096
last-modified
Tue, 18 Apr 2023 01:06:20 GMT
server
Cleversafe
etag
"da3a74018492d21a651bae65dd688d8e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
b7cf201e-f0ed-456d-a6ee-c711bb9898ed
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button-group-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
127 KB
16 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button-group-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
70c35a3b3b36b2fc6bfa0561f148268064ecc7ccf10e336bf3b91540326a647a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
89d4ecd6-afe0-4982-ac85-e95251d13aea
content-length
15815
last-modified
Tue, 18 Apr 2023 01:06:20 GMT
server
Cleversafe
etag
"df113add096d9452599f6378cbb29586"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
89d4ecd6-afe0-4982-ac85-e95251d13aea
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button-cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button-cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7bb85c6b3eb442173f57214a267449e51548381a82fedb86428812815d0ec64c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
fccdfc39-76d0-4c71-9504-6805ae08340e
content-length
3973
last-modified
Tue, 18 Apr 2023 01:06:20 GMT
server
Cleversafe
etag
"035ecc3241fde544862020321e3e32b2"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
fccdfc39-76d0-4c71-9504-6805ae08340e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
text-cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/text-cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
055242be429679afbdc44ca60d2060eff0d478b817102a347105adc5bbb6f90a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
cbb74bff-bcb4-4772-b60e-667b8a63ac53
content-length
4180
last-modified
Tue, 18 Apr 2023 01:06:41 GMT
server
Cleversafe
etag
"ff75975d2411b24d42ae5d3d6ce886c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
cbb74bff-bcb4-4772-b60e-667b8a63ac53
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
cta-block-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
283 KB
29 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-block-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
bb91a3d6fa4ce291537aa3a50eccedf2fd8c79c98f89083a9fae9aad5b106f8d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
676999b6-840a-42f9-becc-6610cf6bf6dd
content-length
28922
last-modified
Tue, 18 Apr 2023 01:06:25 GMT
server
Cleversafe
etag
"fbcfcc78d5c6436ed00bff92f613ab38"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
676999b6-840a-42f9-becc-6610cf6bf6dd
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
cde8866183a768c3e0b93a8ff2efb0c999e65029ca02d853f5798bedb3a41095
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d4510091-5bd1-47fd-a6a5-bac1161ff196
content-length
4028
last-modified
Tue, 18 Apr 2023 01:06:24 GMT
server
Cleversafe
etag
"00741a023f3588933358211859a90162"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d4510091-5bd1-47fd-a6a5-bac1161ff196
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item-copy.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item-copy.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d6919a40101e75c8accad2e0e756dc04e61a582c3f33ccfd51dd2593418e11fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
e722c92b-a703-4efc-ac36-5278f006710d
content-length
3863
last-modified
Tue, 18 Apr 2023 01:06:24 GMT
server
Cleversafe
etag
"8cfee48262c0020a5dbd8fdbe6d7c7be"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
e722c92b-a703-4efc-ac36-5278f006710d
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
a93ccf89475f83336712a14da8d52d2d4a8f1b93e62465507e5e74fec5857860
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
8e833a52-c0b1-439f-880e-c67259d093e3
content-length
3869
last-modified
Tue, 18 Apr 2023 01:06:24 GMT
server
Cleversafe
etag
"19f5ae5a4d8ede510d5b62c0b90f5435"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
8e833a52-c0b1-439f-880e-c67259d093e3
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item-paragraph.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item-paragraph.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
45725f6aba012413709dd5927c4af00fe05e56d69da79134e4f8fb747450d897
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
16ea055b-4752-4e9f-9b3a-a3917d72836b
content-length
3592
last-modified
Tue, 18 Apr 2023 01:06:24 GMT
server
Cleversafe
etag
"554236d004b11bf9916c077dd44425c7"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
16ea055b-4752-4e9f-9b3a-a3917d72836b
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
3cc6d6cbbcb082f1536061bb5cd7387b729b62f147a461b7201156eb1d10c7a2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
fc5d85c5-bbd7-4e0f-9b3c-d6bb2c707328
content-length
3952
last-modified
Tue, 18 Apr 2023 01:06:23 GMT
server
Cleversafe
etag
"cebc609089e0485a433aa3ee264c29e8"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
fc5d85c5-bbd7-4e0f-9b3c-d6bb2c707328
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block-copy.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block-copy.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
061d68548d70b449039f082ba0e4d8b5931e37eb74f0c1a1784a0fa83369476f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
998e352d-6487-4334-8d95-63b6f462ba15
content-length
3926
last-modified
Tue, 18 Apr 2023 01:06:23 GMT
server
Cleversafe
etag
"4899367e48dea17d482254adfbb3a51f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
998e352d-6487-4334-8d95-63b6f462ba15
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-section2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
81 KB
9 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-section2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
6be62c2f8d5edfd48f4d8de499432b74c846ad441c4edf63d0d4a68f14a3d368
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
542268b2-3208-4d15-80b1-29ba2a456535
content-length
8977
last-modified
Tue, 18 Apr 2023 01:06:25 GMT
server
Cleversafe
etag
"cfe52852586fa6bff9274171763d3173"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
542268b2-3208-4d15-80b1-29ba2a456535
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
defs3.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/defs3.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
687a057c92b4f6239167f336f96e053988db59f36e61c906ae61a85d0abe5896
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
210dada7-e8d4-427f-b1d9-7b654ef0e376
content-length
1188
last-modified
Tue, 18 Apr 2023 01:06:25 GMT
server
Cleversafe
etag
"9a6e5108e0e1a3893faa94d34ea7053a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
210dada7-e8d4-427f-b1d9-7b654ef0e376
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
settings3.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/settings3.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1fb80047319fc7f35bf012bb331440197f1c7c9f4928a7d73e77f961985a5412
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
71c332ac-92d5-4101-bc31-6fe5837e03dc
content-length
1026
last-modified
Tue, 18 Apr 2023 01:06:40 GMT
server
Cleversafe
etag
"5333197840d4b7a87e4f21ba3dfdf368"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
71c332ac-92d5-4101-bc31-6fe5837e03dc
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
81 KB
11 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
f42d85a1fbec8757d847b58ea0138e7c8a93e6769af086f4a1cf9dc46b5e6fa4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
ce8171f9-a794-43e7-86ec-5a4e662db97e
content-length
11106
last-modified
Tue, 18 Apr 2023 01:06:20 GMT
server
Cleversafe
etag
"4141e1de4422846f393b225f03325a6e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
ce8171f9-a794-43e7-86ec-5a4e662db97e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
class-map.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/class-map.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
68969bac2a1db27ac853c8c231e8031bbd53afc29379ab0e4ee68a20fb85bafc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
bde2ad11-8e6a-42b1-8710-ac7444250b78
content-length
1477
last-modified
Tue, 18 Apr 2023 01:06:22 GMT
server
Cleversafe
etag
"a8174435cbb707f6375d73df5ab7bdcb"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
bde2ad11-8e6a-42b1-8710-ac7444250b78
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
if-non-null.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/if-non-null.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
835de0b00f5d8ea56795085cefcaf53d6017c132e081129f100188e005d6f2b3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f5c072a6-f2a2-4de2-ba17-a0bb4de388d7
content-length
1040
last-modified
Tue, 18 Apr 2023 01:06:27 GMT
server
Cleversafe
etag
"572f7b1bb3ac9dd2a96bb37d30adf228"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f5c072a6-f2a2-4de2-ba17-a0bb4de388d7
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
if-defined.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/if-defined.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
438836179e58da34ffa952d54044cd6418887f212dcd9cbdbfb1e184f6d2d03b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
cbba1fcd-8ad5-4dc7-af26-73b535300a34
content-length
1149
last-modified
Tue, 18 Apr 2023 01:06:27 GMT
server
Cleversafe
etag
"88f65872495e7597e4e7b3fa0f38b002"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
cbba1fcd-8ad5-4dc7-af26-73b535300a34
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
focus.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/focus.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
65abc7b0e6de94afe1a08ad5ca902eae3e8ddca70f632cf80c304d39c5a4434e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
ecabbc0a-6ef3-498a-9191-a62562adc148
content-length
1109
last-modified
Tue, 18 Apr 2023 01:06:26 GMT
server
Cleversafe
etag
"b72c1d6e4f4dbb16710847371cc20a35"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
ecabbc0a-6ef3-498a-9191-a62562adc148
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
settings2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/settings2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d9df6451975419c0b0f7b076b048cf03e83262c6643940a0d6ab5f976028a353
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
21716820-1ec2-4aae-a388-53092df243d4
content-length
1469
last-modified
Tue, 18 Apr 2023 01:06:40 GMT
server
Cleversafe
etag
"acc037b12dbec89bd6f704cebe41430a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
21716820-1ec2-4aae-a388-53092df243d4
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
formatVideoCaption.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/formatVideoCaption.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
87aa7e8eecbcc64fcd6878351518a72c7e495269e206cb10472959d50d6c8f95
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
58f15851-5fde-4d82-8e1d-ac65220edf6d
content-length
1194
last-modified
Tue, 18 Apr 2023 01:06:26 GMT
server
Cleversafe
etag
"e92dfc66fbdcc126f98c0b3ad63ca8d1"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
58f15851-5fde-4d82-8e1d-ac65220edf6d
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
video.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/video.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7a3a1a24324b661e918681982552dba1b617b5f0313344dcce1bc39fd36f773f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a174f8d5-469e-4d70-8c79-8bdec60b4b56
content-length
3515
last-modified
Tue, 18 Apr 2023 01:06:41 GMT
server
Cleversafe
etag
"fff6c80a0f6118336d8c50b3bbcfefd1"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a174f8d5-469e-4d70-8c79-8bdec60b4b56
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
203.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/203.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
636c039cd55a93fd5f45174a3ad250ea24413e065b509bfed3b06d9644d0896c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
68ef33db-8c7c-4159-949a-9fc4647bc13b
content-length
1242
last-modified
Tue, 18 Apr 2023 01:06:20 GMT
server
Cleversafe
etag
"82591de9ad2c4449741055ef5df433e8"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
68ef33db-8c7c-4159-949a-9fc4647bc13b
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
spread.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/spread.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
a5468ad5750d7374997aefbfe093ae29c3ee7dfc8ec5f51702c40eb6b90f91ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
4de55ca9-ac09-4e85-84ed-ab251fb5c496
content-length
1268
last-modified
Tue, 18 Apr 2023 01:06:40 GMT
server
Cleversafe
etag
"04e35c4d36a747a803aea55b77299545"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
4de55ca9-ac09-4e85-84ed-ab251fb5c496
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
defs2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/defs2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
f059a5aa0a112fddeea0086027cdfb5c4c612a2e6d86e7e430213093b7425424
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f7d0e330-ccc3-46e1-92a5-36b56b33ba55
content-length
1236
last-modified
Tue, 18 Apr 2023 01:06:25 GMT
server
Cleversafe
etag
"fdd56e1ed8819aea706b71fa428ff807"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f7d0e330-ccc3-46e1-92a5-36b56b33ba55
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
232 KB
23 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
f976589b67405bbc6b9c773eaf742662f600465db7843d1e70100bb8f3c173cf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
85f87608-e9fc-42d0-836f-b86976fdaf50
content-length
23480
last-modified
Tue, 18 Apr 2023 01:06:25 GMT
server
Cleversafe
etag
"48fbd3dc2b37e763662be3628c26706d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
85f87608-e9fc-42d0-836f-b86976fdaf50
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
link-with-icon.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
136 KB
17 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/link-with-icon.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
480ee17ae9bd1943c860d3ca42f244b02462071cbf31bbf06e314f37bad84b99
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
49211dec-a5b5-449f-8bf6-95590fc25d52
content-length
16637
last-modified
Tue, 18 Apr 2023 01:06:30 GMT
server
Cleversafe
etag
"c8f396f454f8c754b8aef2fe35fb23d4"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
49211dec-a5b5-449f-8bf6-95590fc25d52
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
link.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/link.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
b6b223048d53962ba8887fa17fd057385058f87474cd247e974ec87c2df4d693
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3fe0a303-5b7f-4d0c-8949-b5018d26e59e
content-length
3680
last-modified
Tue, 18 Apr 2023 01:06:30 GMT
server
Cleversafe
etag
"39f60bca545a4339b05602b1d50fc3ea"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3fe0a303-5b7f-4d0c-8949-b5018d26e59e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
decorate.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
10 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/decorate.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
591a6a94143a5b8cbdd7fe5551d441d899ddfb6448737be08941f7f4373222c1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
4b30883d-10f9-4fd4-9d00-1947bfc2f3b9
content-length
3294
last-modified
Tue, 18 Apr 2023 01:06:25 GMT
server
Cleversafe
etag
"2bb4ff5160fed9d028c8a8e7eebb3162"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
4b30883d-10f9-4fd4-9d00-1947bfc2f3b9
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
toPropertyKey.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/toPropertyKey.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
73f701d7eed1b391a0387b4337cb71fd5ac4cae4cdd90baa4a8e30eab0ba413d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
5cba640a-6ea1-48be-92dd-02e0c822376f
content-length
1242
last-modified
Tue, 18 Apr 2023 01:06:41 GMT
server
Cleversafe
etag
"1d42be3474c21a2f0f4ac6998a2f7528"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
5cba640a-6ea1-48be-92dd-02e0c822376f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
defs.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/defs.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1c227006efb1fba0e36bb30543339fb562dca62f378baa11ec8b8ddfc8b97cd4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
031146f5-550c-4493-b0f8-7c0bfe0e517a
content-length
1077
last-modified
Tue, 18 Apr 2023 01:06:25 GMT
server
Cleversafe
etag
"3a22828140e3312aacb0df7057f0dbd4"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
031146f5-550c-4493-b0f8-7c0bfe0e517a
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
14 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
ebd04a96b54329b8a1254bc7bd0e1479415c2f4b5e475216c7658a5874c1b071
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
1565acaf-c277-4aac-b30f-e2ddb150235b
content-length
4356
last-modified
Tue, 18 Apr 2023 01:06:23 GMT
server
Cleversafe
etag
"ccc15c868cf5de9923b5df2de6b5bccd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
1565acaf-c277-4aac-b30f-e2ddb150235b
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
145 KB
16 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
391dc528a428a16f90b7ba966a0ed85d1ada1fbcf828c24ad3eb9b02d91f33fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
47f0654b-339b-46e9-87eb-becd34a474b4
content-length
16244
last-modified
Tue, 18 Apr 2023 01:06:23 GMT
server
Cleversafe
etag
"e87e4241d1d98146ad13d7347705c74a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
47f0654b-339b-46e9-87eb-becd34a474b4
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
sameHeight.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/sameHeight.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
84d1bf4cd5b5fefe99357eac6db2f21c1e0e579112ffce60b2c69cd098f3ebeb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
6faff587-c875-4bcc-af5f-b2d554fde17e
content-length
1191
last-modified
Tue, 18 Apr 2023 01:06:39 GMT
server
Cleversafe
etag
"3a2459c72ffe9fa4600a02bef9bc7d04"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
6faff587-c875-4bcc-af5f-b2d554fde17e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
index4.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/index4.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
808e3f3b08cb517cabda3690db1ba2ba69c39f0a8b201aa7ad57114485d9181f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
4444c7b3-290e-4041-ac6f-f31ac7bb7f30
content-length
1113
last-modified
Tue, 18 Apr 2023 01:06:27 GMT
server
Cleversafe
etag
"90293045e674b60df4d205343c8a9d4b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
4444c7b3-290e-4041-ac6f-f31ac7bb7f30
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
parent-visibility.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/parent-visibility.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
60ed749d6f5cfc6cbaef111aeee9a3d3fc37807555bc3152210b1a7824fa8872
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
c647ff00-2f03-415c-a69e-cbd5576d53d5
content-length
1280
last-modified
Tue, 18 Apr 2023 01:06:32 GMT
server
Cleversafe
etag
"04405a69245bbac18c5cbb9f0109f18d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
c647ff00-2f03-415c-a69e-cbd5576d53d5
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
tab.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
448 KB
38 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/tab.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
4e57cf766447c0f0f0473dd492b395ea0e401261811c8f8218faac081a107a8b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3bc13cc7-4f9d-43d2-85bd-cb75ff976d59
content-length
38107
last-modified
Tue, 18 Apr 2023 01:06:40 GMT
server
Cleversafe
etag
"76b8d9ca7e5442d036bea6c77b4d5a36"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3bc13cc7-4f9d-43d2-85bd-cb75ff976d59
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
133 KB
15 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
2474929d0b22a0b5083acba9ee9f6e50e0e68d0f8fe0001468af372ceb237a21
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f834c58d-0e28-4272-801d-050039a98992
content-length
14572
last-modified
Tue, 18 Apr 2023 01:06:24 GMT
server
Cleversafe
etag
"29f26189a194b440599996533d019fc9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f834c58d-0e28-4272-801d-050039a98992
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
markdown.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
24 KB
7 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/markdown.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
b2892b1c7e5dba9aa27ca9559244807f20538bd11574076962478a06cf08e0d0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
82fb919d-1791-418c-96f5-ae6a9c094a3a
content-length
6818
last-modified
Tue, 18 Apr 2023 01:06:30 GMT
server
Cleversafe
etag
"6a5d889e73f8b5b5f7a696afc6bdc3e4"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
82fb919d-1791-418c-96f5-ae6a9c094a3a
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
unsafe-html.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/unsafe-html.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
4676df23d89cb1eb3ccc4355ad76e8b03f913b27333d24fa9137d7902492f6d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
93c1e3bf-e8ab-4442-916f-4dae68b59bd9
content-length
1230
last-modified
Tue, 18 Apr 2023 01:06:41 GMT
server
Cleversafe
etag
"cba06ca2f3cb0175773f14502ea9a0bb"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
93c1e3bf-e8ab-4442-916f-4dae68b59bd9
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
get.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/get.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
5790f65182367ee37e03f746cb278c50d07f2224d9658c34b98c2d8f8f60dc61
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
c5ad83bc-8304-4d2b-9681-e34fdbc0905e
content-length
1214
last-modified
Tue, 18 Apr 2023 01:06:26 GMT
server
Cleversafe
etag
"1aff1c6dae84498454e38a819070dc22"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
c5ad83bc-8304-4d2b-9681-e34fdbc0905e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
marked.umd.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
72 KB
25 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/marked.umd.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
df5e72491de42d519d782711ffe4b0914a57585f13235927db42324c5c8b8154
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
157f90d9-9761-4bb1-9e02-31d25a3c7bc8
content-length
25350
last-modified
Tue, 18 Apr 2023 01:06:30 GMT
server
Cleversafe
etag
"1976addcda8f882f66fd3eb6cc68184b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
157f90d9-9761-4bb1-9e02-31d25a3c7bc8
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
_commonjsHelpers.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/_commonjsHelpers.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d566b0df5ed3c4e90da21a0ee58cce6cbd0d3259bb0f98bb31d524b00c0e9afc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
e2aa8bad-dcd5-4b4f-aa1a-f19decda04bc
content-length
1106
last-modified
Tue, 18 Apr 2023 01:06:18 GMT
server
Cleversafe
etag
"1a3b850c975b04227ccbdde9bacde7dc"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
e2aa8bad-dcd5-4b4f-aa1a-f19decda04bc
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
striptags.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/striptags.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d8bc2fabd324a865fb6f11276bc6b7517f8c66e637f1b585b1a2a568a7065112
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
28ac32a4-d050-45ae-988d-685a579e637f
content-length
1749
last-modified
Tue, 18 Apr 2023 01:06:40 GMT
server
Cleversafe
etag
"03431af3cc4749dd205df026756a22c9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
28ac32a4-d050-45ae-988d-685a579e637f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
stripHTML.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/stripHTML.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
131637e802df8efe821db2e04e2d5fbf8156e8dfd21c86f7568e0ed55c5ffa6a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
ce7dd165-092d-4c8f-8eff-1a1635c40375
content-length
1087
last-modified
Tue, 18 Apr 2023 01:06:40 GMT
server
Cleversafe
etag
"5cc450f0b54da43ffe3db40586321992"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
ce7dd165-092d-4c8f-8eff-1a1635c40375
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block-paragraph.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block-paragraph.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
60a69b71ca37f27f48a3ddf5ed1fd31e0ce2669ef9638654c9f5aaea2d60de5e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
68cb74d7-f1ea-4d47-8e42-8dffe5d8c28e
content-length
3606
last-modified
Tue, 18 Apr 2023 01:06:23 GMT
server
Cleversafe
etag
"b8feb95690402e4bb84d8a8623a6a0dd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
68cb74d7-f1ea-4d47-8e42-8dffe5d8c28e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button-group.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button-group.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
17f7dec0e77938aac0a94d62a97ad70ed43d4365da5b8edd49376583d25b28bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
919f2bf8-6b6e-49ca-af32-15e150bdb82e
content-length
4095
last-modified
Tue, 17 Oct 2023 20:37:56 GMT
server
Cleversafe
etag
"8589b5a93d61e76181432c495a316cb0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
919f2bf8-6b6e-49ca-af32-15e150bdb82e
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button-group-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
127 KB
16 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button-group-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e1a2ed0c708a2a9f8f96128e0f0ff4518dbf1af4e2f56276681273bb1659642f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
65bd7a80-3e81-40a9-8a32-a198919323ca
content-length
15852
last-modified
Tue, 17 Oct 2023 20:37:56 GMT
server
Cleversafe
etag
"16b723cbc4d5e58a07e794079c47d537"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
65bd7a80-3e81-40a9-8a32-a198919323ca
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button-cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button-cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
fd553f6229e34abb458572766f7c5693c7fbe509dfb24558f5d9e99532d3d9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d8adb700-e3d9-464b-89b3-1994ce8c5753
content-length
3973
last-modified
Tue, 17 Oct 2023 20:37:55 GMT
server
Cleversafe
etag
"db3941c3712f56b7c3a843eeefb85afd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d8adb700-e3d9-464b-89b3-1994ce8c5753
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
text-cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/text-cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
9b6a8a47b2ee723329aaceb68a28e591c7da541832af19b6efda3310a46a8dbb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
7cce671c-0859-4275-8cbb-819e16015249
content-length
4178
last-modified
Tue, 17 Oct 2023 20:38:19 GMT
server
Cleversafe
etag
"a00b6482bdea326ccbbab8c048412454"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
7cce671c-0859-4275-8cbb-819e16015249
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
cta-block-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
283 KB
29 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-block-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
2f22eeac4501bb24cd47630791adafd966bd0940d398def0c94b3f22767c7485
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
ad37f8cb-e448-4945-ab42-bc3e2f476d25
content-length
28938
last-modified
Tue, 17 Oct 2023 20:38:01 GMT
server
Cleversafe
etag
"26cf2e870e40a79c2ce6befa817c5683"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
ad37f8cb-e448-4945-ab42-bc3e2f476d25
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
fb4529cc42ed4fdee59dfb30fec6d069634cb6b3211c2274505e556c8be0cf3b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
415033f9-ae27-4e67-b61f-7bba8dc7eeaa
content-length
4028
last-modified
Tue, 17 Oct 2023 20:38:00 GMT
server
Cleversafe
etag
"3a2d5f4facf7a383384ed4e687575a02"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
415033f9-ae27-4e67-b61f-7bba8dc7eeaa
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item-copy.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item-copy.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
8bfbc721b242454c04cd907419888ac023dc4c4f4986bd7b8cfa71194cde0821
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d0fa86ba-c436-4208-b4b7-14c0f3f1ad45
content-length
3865
last-modified
Tue, 17 Oct 2023 20:38:00 GMT
server
Cleversafe
etag
"c1e12d04c638288a9134cb5f6d251ee5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d0fa86ba-c436-4208-b4b7-14c0f3f1ad45
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7f71745c11db1688fbefd3d72b7f748568b29fd2ca3ead276cdd08c95310b98c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
6cb35479-0377-4498-abd2-e8124c381f14
content-length
3869
last-modified
Tue, 17 Oct 2023 20:38:00 GMT
server
Cleversafe
etag
"30c30dbc416790cd7eb21a582e8da147"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
6cb35479-0377-4498-abd2-e8124c381f14
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item-paragraph.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item-paragraph.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
426088c52a92325403e37c7799edcd262e67191849c6d4b564d82467c77097cd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
99ddb07c-3fa5-422c-a8d5-ba86cb5c8f01
content-length
3592
last-modified
Tue, 17 Oct 2023 20:38:00 GMT
server
Cleversafe
etag
"c614994e77ad8dc3d58ce9e8c29b9b9a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
99ddb07c-3fa5-422c-a8d5-ba86cb5c8f01
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
6eb1725148073b0d97917b373c481dd25c2d4c07fdf00f1377a2591cddde3b50
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
680c649e-62a3-4be6-8c13-ac3ea18b2f98
content-length
3948
last-modified
Tue, 17 Oct 2023 20:37:58 GMT
server
Cleversafe
etag
"13cb349fec6b31dd9e11c8eb8158581d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
680c649e-62a3-4be6-8c13-ac3ea18b2f98
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block-copy.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block-copy.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
a5bb5196d568ccc436e40919b0daaefdbbec711bfcfdbf3a82930bbb58a7bd20
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
7c4cd83f-2836-4d71-8715-a10592043b06
content-length
3926
last-modified
Tue, 17 Oct 2023 20:37:58 GMT
server
Cleversafe
etag
"59c86a8e58415a41a98df633f75e6f24"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
7c4cd83f-2836-4d71-8715-a10592043b06
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
defs3.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/defs3.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
f8f2ea1401819fe906dc24d499bec9d073c2f3757be8f5e3944432001b9556f9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f6f9414d-a23f-43c4-951a-cf6812b89f52
content-length
1188
last-modified
Tue, 17 Oct 2023 20:38:01 GMT
server
Cleversafe
etag
"d22f03d2654f63d18357561749b54036"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f6f9414d-a23f-43c4-951a-cf6812b89f52
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
14 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
212c50e5e49761927400c63fd6afa36d34cccfa0ed307d8d01a54bc1b1cf1af2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
369bb1bf-9edb-409c-bf60-148f243495d5
content-length
4448
last-modified
Tue, 17 Oct 2023 20:37:59 GMT
server
Cleversafe
etag
"11b02631fee090ac99d6e9b11089e198"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
369bb1bf-9edb-409c-bf60-148f243495d5
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
324 KB
32 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
5c18e13e16f8f31e2072cb42c3b9b351ae354b14348385be05e59dc767be32a8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
1c158188-0118-4d6c-8677-a5a897a06ce2
content-length
32615
last-modified
Tue, 17 Oct 2023 20:37:59 GMT
server
Cleversafe
etag
"0d3c2e854ea93c25f4ecb3af8ca5b538"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
1c158188-0118-4d6c-8677-a5a897a06ce2
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
parent-visibility.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/parent-visibility.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
a3e9d686656f80308d448c7a438842e54adee5d370d304a458ec68168572e676
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
11b7db7d-7fee-49f8-b228-aa56a18594ac
content-length
1281
last-modified
Tue, 17 Oct 2023 20:38:09 GMT
server
Cleversafe
etag
"a6eb6a87f1bf71dc021b69be7e4b78c4"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
11b7db7d-7fee-49f8-b228-aa56a18594ac
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
tab.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
450 KB
38 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/tab.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
dd5588c8432d8f1630319a4d3a12d7f77adcf1e01e315a649275dca5e5921198
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
6d8cecdc-ad4b-4a0e-984a-47be600cbe00
content-length
38831
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"fc95b1b41aeb9ac08b2bd6c559aadd5a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
6d8cecdc-ad4b-4a0e-984a-47be600cbe00
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
media-query.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/media-query.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
52f565134d07b4351ba6593dc0b134653be0d9834fb21f4ccbe188e0750bdb06
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
62333196-10d9-4863-bc0b-11d8b5b6f651
content-length
1776
last-modified
Tue, 17 Oct 2023 20:38:07 GMT
server
Cleversafe
etag
"ea8613ebc3c0e3c7d062d6c4574b215f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
62333196-10d9-4863-bc0b-11d8b5b6f651
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
133 KB
15 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
15f0de6f72f96c642c24a05c883f7e6bec2c8ab4f9c165ebe7fb2e447cca3f1b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
4e4d3185-73aa-4146-b8fb-7771f1eaacbb
content-length
14609
last-modified
Tue, 17 Oct 2023 20:38:00 GMT
server
Cleversafe
etag
"496be66775ff27f745804c23bec48fc8"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
4e4d3185-73aa-4146-b8fb-7771f1eaacbb
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
markdown.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
24 KB
7 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/markdown.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1e02759d55df0cf6bfc3fae3f962a47c635693835441d8a83254d3a7600ddcbc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
b6cbf5c0-f2e3-4f7d-87f0-0d7e41550665
content-length
6827
last-modified
Tue, 17 Oct 2023 20:38:07 GMT
server
Cleversafe
etag
"5caca5681a764b111493506891378f99"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
b6cbf5c0-f2e3-4f7d-87f0-0d7e41550665
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
unsafe-html.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/unsafe-html.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
48d3bcb4f8e3b1e50266dfe8bbf41815b4043c450d0042bbf5c057a0ba34512e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
5958719f-5302-4770-bfd8-6a146a7042dc
content-length
1230
last-modified
Tue, 17 Oct 2023 20:38:19 GMT
server
Cleversafe
etag
"3f9221a64dba8c0d199c9cb69d09b884"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
5958719f-5302-4770-bfd8-6a146a7042dc
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
get.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/get.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7ecbc1d3b6c0d537ea94cf1485a9a9ef2734fbc48fa977d911bc5ac499cda2fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
cb5d5759-22a3-4588-9ce1-69bd60280a3d
content-length
1214
last-modified
Tue, 17 Oct 2023 20:38:02 GMT
server
Cleversafe
etag
"c180ec8ad2db08c46cc6adee44ba8c4d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
cb5d5759-22a3-4588-9ce1-69bd60280a3d
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
stripHTML.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/stripHTML.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7f09f7ed9350c681587c37e087601818e96a09bfccda3cf5f86daae2d9bab1a6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
8a1182b3-ad49-488c-b77d-30c14b2e99f5
content-length
1087
last-modified
Tue, 17 Oct 2023 20:38:18 GMT
server
Cleversafe
etag
"764109a1a292a94add0bf80e8ef8593d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
8a1182b3-ad49-488c-b77d-30c14b2e99f5
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block-paragraph.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block-paragraph.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
bd3c06907c8bae0fbe82d227181eb6aeb1f1e8c38b693e6bf403de980c2f2a42
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
37246aba-813d-4514-b4f7-467b9f69cf37
content-length
3606
last-modified
Tue, 17 Oct 2023 20:37:59 GMT
server
Cleversafe
etag
"1ae717c4c8f4a5fbc229ef707ce4e0f8"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
37246aba-813d-4514-b4f7-467b9f69cf37
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button-group.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button-group.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d75c0f8978966c8154b1898447d2c3bff7f7880dee71f5e22394dd278709e30e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
81fbd55f-d05c-4fcd-8bf5-9932517d9647
content-length
4095
last-modified
Sat, 04 Nov 2023 23:59:27 GMT
server
Cleversafe
etag
"623724585a649d278db139d851176f32"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
81fbd55f-d05c-4fcd-8bf5-9932517d9647
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button-group-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
127 KB
16 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button-group-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
564350298257685a411a43eee8fa2b604d88fdce7861a2044cef95265c68b76d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
09bb9557-7e9a-4338-afdb-710d1e49b708
content-length
15852
last-modified
Sat, 04 Nov 2023 23:59:27 GMT
server
Cleversafe
etag
"3a561a95a4c272b73feca62b1bd0faa4"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
09bb9557-7e9a-4338-afdb-710d1e49b708
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
button-cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button-cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1b1fa2a35d5a9f824bd85d608b88e43d317c199183194eb43996ee637b839f4b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
176f7c86-6b55-4317-ac3b-85bfac32f8ad
content-length
3973
last-modified
Mon, 06 Nov 2023 00:58:03 GMT
server
Cleversafe
etag
"3d58d725c34a5d64c1cebf7e455fc144"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
176f7c86-6b55-4317-ac3b-85bfac32f8ad
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
text-cta.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/text-cta.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e815dc84458bd7c80ac84e100f9f43bdb5dbe30eb05602d0a43ee4543954dd25
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3658cf83-0d1f-49d6-87eb-1046f810b662
content-length
4178
last-modified
Sat, 04 Nov 2023 23:59:58 GMT
server
Cleversafe
etag
"1461cf4efd6a2c395f9cac05cece9798"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3658cf83-0d1f-49d6-87eb-1046f810b662
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
cta-block-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
283 KB
29 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-block-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
980fa871d6613703024ce03aa34947ccf2528898ebfe6ae4abf737fea1c70576
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
733fd927-abfa-4a87-bcfd-20623148d4ef
content-length
28938
last-modified
Sat, 04 Nov 2023 23:59:33 GMT
server
Cleversafe
etag
"a5d0c6d1d6f588bc40acb8d93440252a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
733fd927-abfa-4a87-bcfd-20623148d4ef
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
13 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d9eb3620b0e35fc8349466d2d382faa3b13fbd137ab9bcdf1c9bb4db9260f068
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d678b128-4016-4538-84aa-866564b51f3c
content-length
4028
last-modified
Mon, 06 Nov 2023 00:58:08 GMT
server
Cleversafe
etag
"20c36162447bab8d8941871e8c342eb5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d678b128-4016-4538-84aa-866564b51f3c
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item-copy.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item-copy.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1f0efadddd89ddc54651d7ecfb4792d73462f2af62e809d5612adfffa33e4377
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f3592ce4-6dc1-465f-98d8-dc84e0dee91c
content-length
3863
last-modified
Sat, 04 Nov 2023 23:59:32 GMT
server
Cleversafe
etag
"c321835e22939029890cd886e338fcff"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f3592ce4-6dc1-465f-98d8-dc84e0dee91c
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
a1f055f566ed4e872a988ead5038d7c08238381f7110bbebb5fd99ae0f0ccb34
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
a4085b98-c624-4ddf-8cd6-ef31eff27ce4
content-length
3869
last-modified
Mon, 06 Nov 2023 00:58:08 GMT
server
Cleversafe
etag
"29e3dbde50fd786ee16bd7dc9b23808e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
a4085b98-c624-4ddf-8cd6-ef31eff27ce4
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item-paragraph.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item-paragraph.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
62e24cb66cffae1d26a2a4eb4a3f4678591221fe2a6dbc81c8be8d549e3bc943
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
79c8fc67-2781-419a-9456-1b56bc4dc1ac
content-length
3592
last-modified
Mon, 06 Nov 2023 00:58:08 GMT
server
Cleversafe
etag
"4123c14122fe43244ef88345021bf7fc"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
79c8fc67-2781-419a-9456-1b56bc4dc1ac
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block-heading.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block-heading.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
ebcdf88c1b58ffdb73cda93d69d8c6cb5ce235720d7cf3aab7844732108e2f6a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
446a6912-56a1-4809-b449-f3e452f135aa
content-length
3948
last-modified
Sat, 04 Nov 2023 23:59:30 GMT
server
Cleversafe
etag
"e3f2e2efa83cca02a93a5d9e2f7aa3c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
446a6912-56a1-4809-b449-f3e452f135aa
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block-copy.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
12 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block-copy.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
e911c1c29592016642ef86a35f49b5620c01186e3931017849a1aaf01382b017
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
042a1edd-f554-4282-b27f-1d7481fe87d0
content-length
3926
last-modified
Sat, 04 Nov 2023 23:59:30 GMT
server
Cleversafe
etag
"633cbc64718a3e704ca354b6ebe5a8f8"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
042a1edd-f554-4282-b27f-1d7481fe87d0
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
defs3.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/defs3.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
235b2da6079701a9043404eebd3ceb370156d704859cdaea64e34e2857fb27f4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
202f9c47-eb85-4eb9-8000-d6231f6504f2
content-length
1189
last-modified
Sat, 04 Nov 2023 23:59:33 GMT
server
Cleversafe
etag
"69d75ccff48b4c23c0ef621ad07316ad"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
202f9c47-eb85-4eb9-8000-d6231f6504f2
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
14 KB
5 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
3cb26aecbcb0ab73902996ac967561a39105fff68c60704563ebb31988045b42
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
1797ae94-a8ee-4898-8bd8-28996df6076a
content-length
4448
last-modified
Sat, 04 Nov 2023 23:59:31 GMT
server
Cleversafe
etag
"8dfcae652e11ace095033f76d13b7fd8"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
1797ae94-a8ee-4898-8bd8-28996df6076a
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
324 KB
32 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d6257e6616817067a4eac9ccfde08391b99ac8bbd10b71100503b90e98f54cb9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
f933f755-3e18-4a47-9f65-f437120ed9c8
content-length
32615
last-modified
Sat, 04 Nov 2023 23:59:31 GMT
server
Cleversafe
etag
"9b1355188b5e25e69cc46885982b1404"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
f933f755-3e18-4a47-9f65-f437120ed9c8
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
parent-visibility.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/parent-visibility.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
cdc10319439d709fa2523b6d77efd436632016bad76e09909dbd4b5278a61a95
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
25cc8c02-3697-44c6-acdd-b709808708ec
content-length
1278
last-modified
Sat, 04 Nov 2023 23:59:43 GMT
server
Cleversafe
etag
"fb28b38e39fd502dff6f2f0002bf12ab"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
25cc8c02-3697-44c6-acdd-b709808708ec
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
tab.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
450 KB
38 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tab.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
56eed3ffa433956003fd0b5399cdbed656c0fe673dba1606fd6bad7983fdf27b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
606b7c34-a2fb-4c0e-a44b-b8752f7f8b88
content-length
38831
last-modified
Mon, 06 Nov 2023 00:58:30 GMT
server
Cleversafe
etag
"8904bf58fe7a370ab15b08725c9406e0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
606b7c34-a2fb-4c0e-a44b-b8752f7f8b88
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
media-query.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
5 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/media-query.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
7693b4e3135a0c38f2e90307f31208b2e80c08af81c29a82c598cc21d4b66bdc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d1e2b6e2-c0e6-4480-8418-c25c9d43033f
content-length
1777
last-modified
Mon, 06 Nov 2023 00:58:16 GMT
server
Cleversafe
etag
"9ec6dc1125c92aa707faa74f535e8cfd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d1e2b6e2-c0e6-4480-8418-c25c9d43033f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-item2.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
133 KB
15 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
1f607f6ea04590a54c4a9ff68da5e7024495269df30e7eb7b7c4a1f9086ced30
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
2f9f4781-f538-4364-a81b-acd415d77f3f
content-length
14609
last-modified
Sat, 04 Nov 2023 23:59:33 GMT
server
Cleversafe
etag
"fe55ad14e08bdec988043efd69e63f58"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
2f9f4781-f538-4364-a81b-acd415d77f3f
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
markdown.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
24 KB
7 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/markdown.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
acb07175d9689a1f77812e3f7084f3c4a81ff5af643d52ce844ecfaaf57d2304
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
70507a59-7c6e-4107-82e7-fc5480bf593b
content-length
6827
last-modified
Mon, 06 Nov 2023 00:58:15 GMT
server
Cleversafe
etag
"7548ee2cb00358d44959acf15787e42d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
70507a59-7c6e-4107-82e7-fc5480bf593b
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
unsafe-html.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
2 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/unsafe-html.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
cae9dc673fd3e784807ded7f9ea32e0e1af1c85703c51df96f1ea1ad476842ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
c82a2265-0660-4aa2-9c2c-b43d92b57581
content-length
1230
last-modified
Mon, 06 Nov 2023 00:58:31 GMT
server
Cleversafe
etag
"e440334c6b864b60b2f333ea9057310b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
c82a2265-0660-4aa2-9c2c-b43d92b57581
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
get.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
4 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/get.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
95afa57ba7e6a5f7ce78794add7ef62f81e74dff72c5cd462549056e57164a5e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
3e074579-449b-48bf-8d4e-410bd4f68425
content-length
1214
last-modified
Sat, 04 Nov 2023 23:59:35 GMT
server
Cleversafe
etag
"0ed792c4301840ae218535ace54cad80"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
3e074579-449b-48bf-8d4e-410bd4f68425
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
stripHTML.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
3 KB
1 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/stripHTML.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
d66510cf04fd3144574235a5b2153bd77d4581f6a6b04c4e6b5215471d0088c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
d22f2e61-7955-45df-acdd-3ecd120188ee
content-length
1087
last-modified
Mon, 06 Nov 2023 01:00:16 GMT
server
Cleversafe
etag
"4c6f8c9c79557c92b1e0fae427de307a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
d22f2e61-7955-45df-acdd-3ecd120188ee
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
content-block-paragraph.js
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/
11 KB
4 KB
Script
General
Full URL
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block-paragraph.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cleversafe /
Resource Hash
61c9fe25e18a8c392a0e05390bae9550820b882e6e15dfb0c7e0c1244ed7d6fa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-amz-request-id
199c83d9-bdf5-419a-9f79-61d286b2b531
content-length
3606
last-modified
Sat, 04 Nov 2023 23:59:31 GMT
server
Cleversafe
etag
"294b89bebfdd5ad1f46f2984033be821"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-clv-request-id
199c83d9-bdf5-419a-9f79-61d286b2b531
cache-control
max-age=303
accept-ranges
bytes
x-clv-s3-version
2.5
expires
Mon, 06 Nov 2023 11:16:10 GMT
Mid-adult-woman-in-a-continuing-education-class-at-a-community-college-or-university-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/
13 KB
14 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/Mid-adult-woman-in-a-continuing-education-class-at-a-community-college-or-university-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
d3aad8e749f8742ae8e5d349f1e3a2eaf8e17b1d216f1d6bce025a08ce32b44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1126
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
13610
pragma
public
referrer-policy
same-origin
last-modified
Thu, 26 Oct 2023 13:00:07 GMT
server
cloudflare
etag
"352a-6089e26ae69aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sz%2FU%2BiUWySJpVPgObt4HJ5fBBqMRYHIYjdOmJh3UDhUetdmCrxzij3bz434pSNJHFy%2B3IN4%2BozmBvBICYNhwxQVXptbpYYb7%2B0qnfJIkQm0aHYPfDeCFxxdDrYbYWW7BCJkA5IPCa8Cep4dEex%2BEK7prJAkqiMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4d76893371c-FRA
Security-breach-smartphone-screen-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/
10 KB
10 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/Security-breach-smartphone-screen-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
dc1385391e0ba0002cbc5874f44147a0912041f9a0d255a5c56ae942de394175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1126
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
9948
pragma
public
referrer-policy
same-origin
last-modified
Fri, 27 Oct 2023 13:00:05 GMT
server
cloudflare
etag
"26dc-608b2446e777f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhK5lMwjycChxLphJovr5sW7hTXAXat5KKPw7rkCz2DmGogZjew06p8x%2BXuGhF0cGvDgtesQoW%2B7V1J6VmwmzZ4Lx0SjT%2FpCSrTYqGLSElVsSyDBzRqe5qAmgtAPDWTPap9NtPX%2FEBIRuwqUIiL3N2Z7VxqCb%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4d76895371c-FRA
Red-evil.-Wireframe-model-with-connection-lines-on-black-background-artificial-intelligence-in-futuristic-technology-concept-3d-illustration-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/11/
5 KB
6 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/11/Red-evil.-Wireframe-model-with-connection-lines-on-black-background-artificial-intelligence-in-futuristic-technology-concept-3d-illustration-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
4a47d11ab5ea77835041c9d1a96a7ae5c7a27963b1df3a78cc149e5b37d2b62b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
320
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
5154
pragma
public
referrer-policy
same-origin
last-modified
Wed, 01 Nov 2023 22:05:02 GMT
server
cloudflare
etag
"1422-6091e768c0463"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVNuCrxLpHVxhtcHFVvcxIuJ9%2F7NIDtSZKhfLbjb4i2%2BaNPEFcinGLMmR5YQVITfOrXaJKJ9fRITCYnHK9NJB1RX0fI%2BSxA8PQ4UKTkx8Ra92WD5Uf%2FF72ZCXkVJNB7uCwn4UdlVimuMcCUt4qgAY0C2eQ4l7TM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4d76896371c-FRA
Cloud_300x600@2.png
securityintelligence.com/wp-content/uploads/2023/10/
32 KB
33 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/uploads/2023/10/Cloud_300x600@2.png
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
8ef96896569c8acc7e933e8cf9927898387cd4bd3824332c8257b3e0f1ec1704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
32810
pragma
public
referrer-policy
same-origin
last-modified
Thu, 26 Oct 2023 14:19:17 GMT
server
cloudflare
etag
"802a-6089f41d8f944"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IykYMvt7nNIcmOZW0TosPq4ZYH%2F0l1oWYwsf%2BXe9LRKS8g6kPrcQ9PDrMHy5Jc7LASRXGY6qJLmPWmX2pBkwJYd%2BW7ICcWuNbT5aDFawgYWN3qqmEPjAQGxcfX16AgE5ZFKq1nEhgwtZXoEe3mH%2F%2BTNNLDCNk1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
821ce4d76899371c-FRA
Zz1mMzU4Zjc4Mjc3N2MxMWVlYTlkMmJlNmMxNDFhOGEyZg==
images-cdn.welcomesoftware.com/
310 KB
311 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz1mMzU4Zjc4Mjc3N2MxMWVlYTlkMmJlNmMxNDFhOGEyZg==
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8600:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
46a9d00c35d7ffad7b67ecb4039093ee9993e1ce3849cf353dc4536e62aca891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 00:04:12 GMT
x-amz-version-id
Ztixxw6kZz8fFu46je6Hfpb8gPs2W_y5
via
1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
558415
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
content-length
317432
last-modified
Mon, 30 Oct 2023 23:35:04 GMT
server
nginx
etag
"b5f559f9dcebca50d95d491688c607f5"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
0aWDWSR8h4PxCHSWrJ01jCFnC2UToQMXMZgp4zHJstMWCH2yig3s3Q==
ww.js
cdn.ampproject.org/rtv/012310201815000/
51 KB
14 KB
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012310201815000/ww.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad5502f37296996e6af3b300b593c1262a3472f70b1431a52c7a9dee8dcdf7bc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:12:01 GMT
age
583146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14438
x-xss-protection
0
server
sffe
etag
"712a1a277f716073"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:12:01 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: analytics.newscred.com
URL: https://analytics.newscred.com/analytics_c7caef17012f48e99285467c1b6d8423.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 09:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4776
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 06 Nov 2023 11:51:32 GMT
dbdm-data
www-api.ibm.com/data-sync/
2 KB
2 KB
Script
General
Full URL
https://www-api.ibm.com/data-sync/dbdm-data?callback=_dl.fn.dataSync.callback
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Express
Resource Hash
02d2a33c2b79cf4f005d12caec2f6637646d65070f8812971e27afbf26774913
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"947-etwDgn0XcLwLa4RRpOx7ZidNUxg:dtagent10277231024135831URJW"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dtSInfo;desc="0", dtRpid;desc="-1651158943"
content-length
1815
x-xss-protection
1; mode=block
wp-emoji-release.min.js
securityintelligence.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
5039
pragma
public
referrer-policy
same-origin
last-modified
Mon, 16 Oct 2023 17:29:25 GMT
server
cloudflare
etag
"4904-607d8bf612c22-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Vts%2FEdwR7MKlPqXiOAOi%2FetnAV5XwAxUMIiKdhtuVTrvX0l30bXKcdR2MwsCqv6hRudA4a5ea5PTVLz5AimRjkATws9QyiSomu3QY8xyDgxyS8XpNQqTJFHyOv2aAJ32ACD87ZTk%2FjXNMKBHZ1herZ5PMaHaSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4e178ba371c-FRA
c6217dde-7723-40c6-ab34-2bd05aa01f24
https://securityintelligence.com/
51 KB
0
Other
General
Full URL
blob:https://securityintelligence.com/c6217dde-7723-40c6-ab34-2bd05aa01f24
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a4718806f9ec16873181b7a80f0d8100f9eda5f95b34b98f09414e79ec6f9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
52052
Content-Type
text/javascript
p_aeec88bacc21e72168bb2c7fcf9917eb7ead5ceaaef4f7ae9f96f4afd64d348e.js
tags.tiqcdn.com/dle/ibm/web/
3 B
413 B
Script
General
Full URL
https://tags.tiqcdn.com/dle/ibm/web/p_aeec88bacc21e72168bb2c7fcf9917eb7ead5ceaaef4f7ae9f96f4afd64d348e.js
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:f200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
nLbQyMlglyGoXodCndLd0t6DmRceuaJH
date
Mon, 06 Nov 2023 10:38:40 GMT
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 22:20:41 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1954
x-amz-server-side-encryption
AES256
etag
"b519d08ef66fd54910edbedba6181ec2"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3
x-amz-cf-id
-3EvgTlEyafTYxM-j0pIovi41vuGwncOkjxRC0ondaO6YFp9inbl8g==
White-cloud-in-a-secure-room-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/09/
5 KB
5 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/09/White-cloud-in-a-secure-room-630x330.jpeg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
a3eb7422386ab102ec12efe826709c836eb341cb646296cfadadd9b889e4336a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6841
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
4828
pragma
public
referrer-policy
same-origin
last-modified
Wed, 13 Sep 2023 11:16:15 GMT
server
cloudflare
etag
"12dc-6053bb00e17de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QM99O7cWWilGrT3A4lhqed5AwmGOb%2F3q9KCfrSBR8pzBeZxNdbiY%2F5rmWvWA7ppyItFh%2BFENJqYD4jhK65mdxr1gNZ1EmKuZBUTHVCCiuGyjQpm5S21ZYCA0LtOSaYr5HlybGA2oVceUuWREySeorMCkj4SkfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4e69fd1371c-FRA
computer-safety-concept-trojan-horse-in-electronic-environment-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/09/
83 KB
83 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/09/computer-safety-concept-trojan-horse-in-electronic-environment-630x330.jpeg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
32bf67618961bdeb9572a836ef7c2b8df8e19538d98095bcee11b585b98e50d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
153
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
84706
pragma
public
referrer-policy
same-origin
last-modified
Tue, 12 Sep 2023 16:00:14 GMT
server
cloudflare
etag
"14ae2-6052b89da9820"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugM%2BTiqrXW5FRT6jJQHNs1RGfdyHv0%2BJsEjSyc7%2Fw7CdQ1N9am79%2F43rbadTzfwqonrYBromTmSet7vyAHgs%2BloLGNPXZfhrTjs%2FlU53PPeXYR%2BpUZocV5ZQGoWmfowBX068PUIl5AdRp0s1i67eIRQUEqNxV10%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4e69fd2371c-FRA
Student-operating-equipment-in-ships-engine-room-simulator-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/09/
23 KB
24 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/09/Student-operating-equipment-in-ships-engine-room-simulator-630x330.jpeg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
ddf877dc75786beff643eba62b6769a21b9e2ccdf51b1106b11d31a4fbf18447

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
153
x-powered-by
W3 Total Cache/2.5.0
alt-svc
h3=":443"; ma=86400
content-length
23918
pragma
public
referrer-policy
same-origin
last-modified
Thu, 07 Sep 2023 15:18:21 GMT
server
cloudflare
etag
"5d6e-604c65ed50244"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhI6qFROyNWUBsMCe%2FpTQ3IAUWhW2OZC35%2BynXa4vSwl%2FIREg89CxmAqkx5bFsCW4J72DF4L5k95EdynC2XK6nwBFoq8apXlnnM5T1TTyx9gH%2BHDp6rPvNzL3eQGOM31o%2F%2BRaik8sAH2OWm1cSrs6EXu9vk7aOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821ce4e69fd4371c-FRA
logo-white.svg
securityintelligence.com/wp-content/themes/sapphire/images/
8 KB
4 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/logo-white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.5.0
Resource Hash
663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 11:11:10 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Wed, 26 Apr 2023 13:09:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2136-5fa3cf3e8f926"
x-powered-by
W3 Total Cache/2.5.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGWeb%2FIB%2ByA%2FN4jZ9zxwKV%2Fy1Ao9x9rV91EMXapIA%2FiSnuO8F0Xo%2BKT2p2caXwKMePpLvEehxkKwH%2BpIsqfD5JLfM5m4V5CkDEbTIdCQCD1BggF1q0%2B25znhSzLuWw9ZAxAys5wNzkonAUJswzG6vSBrQoZfKjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, must-revalidate, proxy-revalidate
cf-ray
821ce4e69fd6371c-FRA
alt-svc
h3=":443"; ma=86400
utag.js
tags.tiqcdn.com/utag/ibm/web/prod/
353 KB
93 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:f200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3226f462c1be7d5eb5d8d80f5ed245291be40d13b72e5e1ab84db9a26eda27f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
yO6KyURO_GBjs4vaeaaLvV58WDYsdTh3
content-encoding
br
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
date
Mon, 06 Nov 2023 11:08:35 GMT
last-modified
Thu, 02 Nov 2023 18:17:20 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
156
x-amz-server-side-encryption
AES256
etag
W/"5035e36e4d8a2d6d965db5da0f71ac3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
delekwBGSpcKIqeyvKWFNtOPYV2zAhQt7vfq5J04RcKXjWWjFHMtSg==
notice
consent.trustarc.com/
41 KB
13 KB
Script
General
Full URL
https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=DE&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-52.fra2.r.cloudfront.net
Software
/
Resource Hash
865a62380441ce3cb911020d05bd0d783ecfd0dd3e302510b3e8c48e07f37173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
355
x-cache
Hit from cloudfront
cloudfront-viewer-country
DE
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=3600
cloudfront-viewer-country-region
BE
timing-allow-origin
*
x-amz-cf-id
URuu1Ry7A5ilQavbkQ2tFhU9yXgIV1GF2hslcOfURBaBpMMzYDtI3g==
expires
Mon, 06 Nov 2023 12:05:15 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
431 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ibm/web/202311021814&cb=1699269070285
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:f200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Mon, 06 Nov 2023 11:08:40 GMT
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
151
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
e2wH8K6-epTjeGo1OxkGklF6shIMLMdw3Xh1tv3Ml6zkMiH2QnKV4Q==
get
consent.trustarc.com/ Frame 2C7E
2 KB
1 KB
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=DE&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-52.fra2.r.cloudfront.net
Software
/
Resource Hash
093d12d8b3568fe7d205eab6a5ceb766772d6018aebe44d3e16f9e85fb7ab68e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1008
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 06 Nov 2023 10:54:22 GMT
expires
Wed, 06 Dec 2023 10:54:22 GMT
pragma
public
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
vary
Origin
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-id
UY4mPUdco1RWTppB-52y1xquCUX365fyZ3Wb8jBLGFGswi-0bxJ3EA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
v1.7-1064
consent.trustarc.com/asset/notice.js/v/
88 KB
26 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-1064
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=DE&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-52.fra2.r.cloudfront.net
Software
/
Resource Hash
f45a4b7d84fcba68fee4db26859810d7021314e50fca1a716449a2a7beeb97e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:02 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C1
age
2048
x-cache
Hit from cloudfront
pragma
public
last-modified
Mon, 23 Oct 2023 05:12:34 GMT
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
BV0jAlkaRe0GlnKJvulGISHNkODpa_HOFYR-dR-U9hLWbWP9F_PHMg==
expires
Wed, 06 Dec 2023 10:37:02 GMT
log
consent.trustarc.com/
43 B
428 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=ibm.com&country=de&state=&behavior=implied&session=bd1e541d-dcc4-4757-97dd-a9514068525b&userType=NEW&c=aee6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-52.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 11:11:10 GMT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
X4fUfL0bfLjM7edzULEZpn0dj3-Eo4r2cU2uTAZKQcYBSCdRd6RVgQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ibmplexsans-semibold.woff2
1.www.s81c.com/common/fonts/plex/v1/
37 KB
37 KB
Font
General
Full URL
https://1.www.s81c.com/common/fonts/plex/v1/ibmplexsans-semibold.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3df4c72b33d93f627a79f3ec0e4744d88f9478a3513a41ae0a2386abac4ef831
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:10 GMT
strict-transport-security
max-age=2592000
last-modified
Mon, 19 Jun 2017 20:17:05 GMT
server
AkamaiNetStorage
content-md5
z5UWknac7Z0FWhN2mXfHFw==
etag
"cf951692769ced9d055a13769977c717:1672864811.754472"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
37416
expires
Mon, 13 Nov 2023 11:11:10 GMT
ibmplexsans-regular.woff2
1.www.s81c.com/common/fonts/plex/v1/
34 KB
35 KB
Font
General
Full URL
https://1.www.s81c.com/common/fonts/plex/v1/ibmplexsans-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:784::b3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
de80b2b0c32b938ed432b49c0f3dc09f8c6152fc6b090ac49294b891ad8933bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/
Origin
https://securityintelligence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 11:11:10 GMT
strict-transport-security
max-age=2592000
last-modified
Mon, 19 Jun 2017 20:17:05 GMT
server
AkamaiNetStorage
content-md5
eSYTpp4e/tmcui3POb3b1A==
etag
"792613a69e1efed99cba2dcf39bddbd4:1672864811.711241"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
35276
expires
Mon, 13 Nov 2023 11:11:10 GMT
get
consent.trustarc.com/
679 B
873 B
Image
General
Full URL
https://consent.trustarc.com/get?name=ibm_close_icon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-52.fra2.r.cloudfront.net
Software
/
Resource Hash
96509ae3806587a5029b14cfa9a0a4ebf0dddaf201bf34516f92edb593f20261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Nov 2023 10:37:44 GMT
content-encoding
gzip
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C1
age
2006
vary
Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
bRbyWzpAV9EfLoQeAowSDcylXujZP_EQKzaCs3mntGXbjIiwUoytpw==
expires
Wed, 06 Dec 2023 10:37:44 GMT
bannermsg
consent.trustarc.com/
43 B
429 B
Image
General
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=ibm.com&behavior=implied&country=de&language=en&rand=0.48217263086249296&session=bd1e541d-dcc4-4757-97dd-a9514068525b&userType=NEW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-52.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 11:11:10 GMT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
V4XsF2EhALuPkKGxy2Xq0URBLnrqygpbn2RradPnwTZDiwcpZRGMWA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/j/
3 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=0&a=750063325&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fx-force%2Fhive0051-malicious-operations-enabled-dns-fluxing%2F&dp=%2Fx-force%2Fhive0051-malicious-operations-enabled-dns-fluxing%2F&ul=en-us&de=UTF-8&dt=Hive0051%E2%80%99s%20large%20scale%20malicious%20operations%20enabled%20by%20synchronized%20multi-channel%20DNS%20fluxing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAo~&jid=1664156740&gjid=260505506&cid=1089965677.1699269068&tid=UA-150713566-56&_gid=362423701.1699269069&_r=1&_slc=1&cd12=c7caef17012f48e99285467c1b6d8423&cd15=3bba4c0a-3a87-469a-b0ef-d5ece2e2b847&cd13=(not%20set)&cd17=(not%20set)&cd16=(not%20set)&cd1=(not%20set)&cd14=(not%20set)&z=1998623311
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 11:11:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
Zz1mZTc2NDVlODc3N2MxMWVlYWFjYWJlYWNlN2M2YTVjOQ==
images-cdn.welcomesoftware.com/
237 KB
238 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz1mZTc2NDVlODc3N2MxMWVlYWFjYWJlYWNlN2M2YTVjOQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8600:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6dbe2754ffcedf3b0e3bf65c94bf30840c1badbedf1ddfbfe005ad09db570797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 00:04:13 GMT
x-amz-version-id
jSHYrn7QEX5F3toXJACi8d5Qu8P9i.nn
via
1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
558422
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
content-length
242715
last-modified
Mon, 30 Oct 2023 23:35:22 GMT
server
nginx
etag
"223497f394273d6469f96976c66f5723"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
yBEXgW9V6zmmJWcD3MOmozHDQcWn7yEvPE9gDmz-VzCJs6baG7YdNg==
Zz0wNzZlYTJmODc3N2QxMWVlYjNmYTVhNGMxN2U5MGJhZg==
images-cdn.welcomesoftware.com/
521 KB
522 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz0wNzZlYTJmODc3N2QxMWVlYjNmYTVhNGMxN2U5MGJhZg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8600:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f34a4e3336f8e772e18b53ff6b95c508851d79157f7f4812a21bc063e07c9aa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 00:04:14 GMT
x-amz-version-id
rh.GvTOqzrrEj0vMgsKdHMVi8qu3eSIv
via
1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
558421
x-amz-server-side-encryption
AES256
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
content-length
533243
last-modified
Mon, 30 Oct 2023 23:35:37 GMT
server
nginx
etag
"418826539138c39f0d64bc76f825f7e4"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
TlSWhCV3f8NcuKi6kb5m2rochG5kr4oV6IIUHLmtnNFBYBpXcR25mQ==
Zz0xNjZhODBiMDc3N2QxMWVlYWNlYTVlZDIxZjRlYjcyYw==
images-cdn.welcomesoftware.com/
113 KB
114 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz0xNjZhODBiMDc3N2QxMWVlYWNlYTVlZDIxZjRlYjcyYw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8600:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b32ead2b4dd4dfb3272a19643d9135e91823162cb367e9f893742e1392c3836a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 00:04:15 GMT
x-amz-version-id
zLbyD2W3xq8LrNGglMabLJw3xjBWqwut
via
1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
558420
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
content-length
115910
last-modified
Mon, 30 Oct 2023 23:36:03 GMT
server
nginx
etag
"c2abedb02c526a682671b4e8da5b2c9a"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
lV2NM7uRMNq5kwwb7IDE0msfioINgSqQTYui4sFrhwMRBnhkjxEbPQ==
Zz0yM2I2ZDMwNDc3N2QxMWVlYWJjNDVhNGMxN2U5MGJhZg==
images-cdn.welcomesoftware.com/
466 KB
466 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz0yM2I2ZDMwNDc3N2QxMWVlYWJjNDVhNGMxN2U5MGJhZg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8600:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb7aa65862128f03adeed9a4f684414960b3b7108fcbd79f7d8c9e723846680f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 00:04:16 GMT
x-amz-version-id
MTJq4a2aYI9S_y5tip0odg8Zy8arQgBx
via
1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
558419
x-amz-server-side-encryption
AES256
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
content-length
476690
last-modified
Mon, 30 Oct 2023 23:36:25 GMT
server
nginx
etag
"13c353b1485e6478eb52159434553078"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
pXZ4mlNr-hT7vmsZNS1e8Tkn1tObE1zWBH9M1hLqA5dYte80oGwGPA==

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| AMP function| Swiper function| sendClickTag function| tagAllLinks object| digitalData object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| _wpemojiSettings undefined| $ function| jQuery function| validateInput object| elementList object| _appInfo object| qpprFrontData object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| DOMPurify object| regeneratorRuntime object| $jscomp string| __ncconfig string| GoogleAnalyticsObject function| ga object| ncAudienceInsights boolean| isIdaStatsLoaded boolean| isAnalyticsLibLoaded object| _ibmAnalytics object| _dl object| ghostQueue object| ibmStats function| createPageviewTagForSPA function| bindPageViewWithAnalytics function| jQuery2 boolean| isJQueryOnSupported object| v16elu string| pageViewAttributes object| ibmweb object| dl string| IBMPageCategory boolean| isProductPage object| record object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| utag_data function| tealium_enrichment string| US_PRIVACY object| twemoji object| wp object| utag_err boolean| utag_condload string| tmeid object| responseTokenMap undefined| eventInfo undefined| url object| utag function| e function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| datalayer object| utag2 string| computedFontFamily object| adobe function| Visitor object| __TEALIUM function| targetPageParamsAll function| targetPageParams boolean| teconsentActive object| truste function| shouldRepop function| shouldResolveConsent string| userType object| $temp_inner_iframe object| $temp_closebtn_style object| $temp_box_overlay object| $temp_box_overlay_border string| $temp_externalcss function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG object| bnFirstElement

12 Cookies

Domain/Path Name / Value
.securityintelligence.com/ Name: __ncuid
Value: 3bba4c0a-3a87-469a-b0ef-d5ece2e2b847
.securityintelligence.com/ Name: pageviewContext
Value: 0b778411-2c0b-451c-a834-6e37b21bcbfc
.securityintelligence.com/ Name: _ga
Value: GA1.2.1089965677.1699269068
.securityintelligence.com/ Name: _gid
Value: GA1.2.362423701.1699269069
www-api.ibm.com/ Name: notice_preferences_master
Value: {}
www-api.ibm.com/ Name: 1816d7fd5563fd474b747d804593718b
Value: f39fac75e276ef84881a4f90c528f1a9
.securityintelligence.com/ Name: userContext
Value: n/a|0|0|0|DE|BY|1|n/a|expressed|zz|n/a|n/a|n/a
.securityintelligence.com/ Name: OPTOUTMULTI
Value: 0:0%7Cc1:1%7Cc3:1%7Cc2:1
.securityintelligence.com/ Name: utag_main
Value: v_id:018ba4544d650024c440cec4cf7803074005b06c00b08$_sn:1$_se:1$_ss:1$_st:1699270870182$ses_id:1699269070182%3Bexp-session$_pn:1%3Bexp-session$is_country_requiring_explicit_consent:true
.securityintelligence.com/ Name: TAsessionID
Value: bd1e541d-dcc4-4757-97dd-a9514068525b|NEW
.securityintelligence.com/ Name: notice_behavior
Value: implied|eu
.securityintelligence.com/ Name: _gat_ncAudienceInsightsGa
Value: 1

2 Console Messages

Source Level URL
Text
javascript warning URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Message:
The resource https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/Cyber-Security-Ransomware-Email-Phishing-Encrypted-Technology-Digital-Information-Protected-Secured.jpeg.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://securityintelligence.com/x-force/hive0051-malicious-operations-enabled-dns-fluxing/
Message:
The resource https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/10/Cyber-Security-Ransomware-Email-Phishing-Encrypted-Technology-Digital-Information-Protected-Secured.jpeg.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.www.s81c.com
analytics.newscred.com
cdn.ampproject.org
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
images-cdn.welcomesoftware.com
securityintelligence.com
tags.tiqcdn.com
unpkg.com
www-api.ibm.com
www.google-analytics.com
108.138.36.73
13.224.189.52
2600:9000:225b:8600:f:fcff:7940:93a1
2600:9000:225b:f200:7:2bfb:7c00:93a1
2606:4700:3033::ac43:86d6
2606:4700::6810:7caf
2a00:1450:4001:801::200a
2a00:1450:4001:806::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a02:26f0:3100:784::b3a
02d2a33c2b79cf4f005d12caec2f6637646d65070f8812971e27afbf26774913
03d81c05d2b7bcd709563806be145309333dd0f398a91885350953cda5a1a04f
047c7672706fb8ff659368066109ec3bc0e5d6d61c8dcb747e0f617a1dc3d5da
04b235fb0434ba2996a7adad1f77b7044133f11d7a0fd1fbdde3c027d761a7e5
05382ca2c2ab1254bdae63c9fd696e83b884f86bb55618949ecb0dea59a5df06
055242be429679afbdc44ca60d2060eff0d478b817102a347105adc5bbb6f90a
061d68548d70b449039f082ba0e4d8b5931e37eb74f0c1a1784a0fa83369476f
0640549e1c4e2c3a07e648ab3c5a4684fdf19fdfb273f9830ddf93efb1db8fe5
06f22cc39b965efddd2d8217790e7208ab61420129339a1dc960829719dd5137
075c2e54b7c5a6fac205ff9ffcb19000475f58792e16649b159b99a0f5fc2121
08817ef016d047c4d049551225dbedb8f1e96ac53af38f8bc70c65e0ed90ac8d
093d12d8b3568fe7d205eab6a5ceb766772d6018aebe44d3e16f9e85fb7ab68e
0a7758377edd86ae9e438a98076928b5e634f2230f86b1b26ec2d2c8c21e0bea
0b1484bcad1f0edb07c38c2f967b9cf180b2bed0dcc3a13eabe32b2cfa4e897d
0ced51538d4e0744bfb9dd4c93df7935ee72a727fa922eda829ec18fa1b20ee0
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b
0f4df07a6dceb54650fb871363381c8206a005c7eaa97daab9a004b165c1af59
0f86c226defe3b41071d76e1ab54bdacaeec93a52f2387fe2622300ea9d2b9b6
0fc1ffd7c6b0b952f94e417532ede23e2f88ddea35dce894f03ed7e9ebfc9cf4
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
108e3ea336fad8c51dca90cfd82f2dde7603282b773a9fa7b10a68fc5b3a3a30
10c32fc3bd960b57290d4469a55b9c3a970f58f72f3b37455d44b1f4885878ae
1168470362c9e25221d6b6657b18253250baf449c2b6c1f1fe9db13beb2f8c7f
12b384ce247c0d08cabb68defdd3aca2830ca50abc152009a02e7e7bab4cc0b7
131637e802df8efe821db2e04e2d5fbf8156e8dfd21c86f7568e0ed55c5ffa6a
148f5bd38cf3b8e0aec0003782dfbba92df960a30944bbe2f9f977213c762a5f
14fe65bf833c23c6f76cc94e7ce59bc0a903b32fafa76a82e54e952a2cfea1d8
1576c2907a73940c1be9b413e1c56ada9dbca5d762068ec1b7feaced8078cab5
1590392832c5c7e5fcfa0e76a406b9f40aa3384fa6d1a392c06cfff47633a920
15f0de6f72f96c642c24a05c883f7e6bec2c8ab4f9c165ebe7fb2e447cca3f1b
16302338afc2c7ecff024cad37c76d5ead033b25fcf4ba6354c6a31cffe8ae34
17d13eff6604c141128b7dc1e6a70477dbc612d45444ae93adbf710a5305af74
17f7dec0e77938aac0a94d62a97ad70ed43d4365da5b8edd49376583d25b28bc
192227729ba30517442c20e43ee699f59cdb3b801c86a0b2fe9b59639881e371
1a42916b367342229c06b3cf94f122aa8c58c9f4f23b6e42f016f01f99bd6e0f
1b1fa2a35d5a9f824bd85d608b88e43d317c199183194eb43996ee637b839f4b
1c227006efb1fba0e36bb30543339fb562dca62f378baa11ec8b8ddfc8b97cd4
1ce57fe09c3a2b9bb5703bfb387c57a91be0baae1d219771455dd3f8e1503dca
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d5169c036684aea1474c6b1fd92bb02bb34e13de0293188cea9c718e7950fad
1e02759d55df0cf6bfc3fae3f962a47c635693835441d8a83254d3a7600ddcbc
1f0efadddd89ddc54651d7ecfb4792d73462f2af62e809d5612adfffa33e4377
1f607f6ea04590a54c4a9ff68da5e7024495269df30e7eb7b7c4a1f9086ced30
1fad73efd1fa15b2d69d2ec0d65bf11d4d3bf5ed4681462c6ddf05b8259cfb5d
1fb80047319fc7f35bf012bb331440197f1c7c9f4928a7d73e77f961985a5412
212c50e5e49761927400c63fd6afa36d34cccfa0ed307d8d01a54bc1b1cf1af2
2245baa305bbb28e3b75fef91666d4ad89cef15a96ed5662ec2f97e78ac79c15
22eecbdf47f752eb7cec9586b3fec89b38704ed2eaab7cdb58a490552c61a437
22f3f3fe2f2c78ebbb4eb6d0c475235cd022edea6103c2074bdf43c1dd724b79
235b2da6079701a9043404eebd3ceb370156d704859cdaea64e34e2857fb27f4
2474929d0b22a0b5083acba9ee9f6e50e0e68d0f8fe0001468af372ceb237a21
24d5f2b480d4f967e709f60a4b7b7553767ee42e11b1e60c2876114a5f0ef816
24f0af9588d389ba730e1125fd766c1ccaf512d29d325d8cac2813d1e02ecebc
27be757f5178af3f83c7eda5ae26c3ac4c985c111bcbd0fdd0f6a6bff2819d92
27d29c45e52622f5f8e062649d4415e6a22f35b1e173e635a9b5affbd4b69cac
27f02b94e79640b905bf25c89495d09fb0950faeea56a852e10f855f12c56d85
2976316c10150185f779ba14e4a6851b2724ac1cf43458fb8e92a1fd7b79ad06
2a4718806f9ec16873181b7a80f0d8100f9eda5f95b34b98f09414e79ec6f9b5
2c5a8d602972048c36a43bc7204ccf206c50eb380fc209bf00b98833c26e7c68
2c8ba3832f267ff1339157aab74084f92bd1a803bde8b112f822ec63f736d339
2d9f5ca4557a48b7b5d671eef2f2880658245985c1b7ea549a0096a2bf5db4ba
2dd8e8669f0fe3be72caed1be0a1a1152998a0703ce47b2222404b2585e99dfc
2e50fd20cc0430024ee9914d1b372f4d98d4490712ca7eb0cda9d786e3a2b07d
2f22eeac4501bb24cd47630791adafd966bd0940d398def0c94b3f22767c7485
2f5c46e1d404df5a4c0813d11cbb826a9c17727aacff600308c27f2fd3c892a4
2fff36e6a269af9be134992c620929c6c7788d582b8f4be51e4fc97df3c91db1
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
3278027216d38249989e1cf39be055d632e774f68118d18a5282b8cfdee08b6e
32bf67618961bdeb9572a836ef7c2b8df8e19538d98095bcee11b585b98e50d9
332057640e22e0ddfc0a657c5b844d833b6e48ead6dbe24cd1b2f9e6ada20373
350f51428ceea4f17016885aa3fb82d8ee563e948cee80abf3f6c0a907097599
351a42c63450da7b3b9b91766dfed6351ac06ad927b839eeb83a52496cd795f4
374c61fb8261a766c9a6d5d78a36047aa8f82ac86e5811008d3131de82795413
391dc528a428a16f90b7ba966a0ed85d1ada1fbcf828c24ad3eb9b02d91f33fd
39775316f5604b2e15e817b6bb60be3ced64a3d2dca29b4f49575617ab807d9a
39dd759ff5c50fb31d083cdeae81b5285589827cb3c879ed9fe8feed7dd08f45
3a530c73051135e4e846ff802b0ac00681e252200643093bcb1f095a0409cba0
3adb402306c2c52d918d6987b18c173c1ea4a3674170d418e838b1f680e946f7
3bdb4d576d4ad410916849e7c7d6e94f2bf3647e0fba1885b47a3b09fb262f1c
3cb26aecbcb0ab73902996ac967561a39105fff68c60704563ebb31988045b42
3cc6d6cbbcb082f1536061bb5cd7387b729b62f147a461b7201156eb1d10c7a2
3d4168763cc7c89e4251a5b813bc96b2a2a1cfc6b78bd01e93eb0562a2bff69b
3dad2475c26b0269ff5725c68d74308f0f07271473f3a8828516b21d218e9d00
3df4c72b33d93f627a79f3ec0e4744d88f9478a3513a41ae0a2386abac4ef831
3eae5bd86b425501f957fb101f82557039973c1c5c1f04a3af57ba6a4b9b7716
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
40e39a2a1a1a5149a3303e38b732ac43b1c69edba7b42ab2d8688429a0fcd244
40e7fb8685e1826b3dbc0c6b449afb8e3c028f9caaec522ef537cb002e3279f4
426088c52a92325403e37c7799edcd262e67191849c6d4b564d82467c77097cd
438836179e58da34ffa952d54044cd6418887f212dcd9cbdbfb1e184f6d2d03b
44593cf623a1ee35822978355705c9af11033841970d543c19ee548fef0f750f
4486175c960172520f189c0dd9036f440fde56a7ef6c93263bbab91e3e6d9172
44a14fefb8c37af73e740e0cd2c36051bf2136f4bf9e834e7237c6be19d66c68
44a55e68b0089ee691777917ed9bf22f764251c0a7f0253024a8b27c2278a8c7
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45510ed788cdc0a18d79412e1fda8fa82d4393b063f11f10cb2f145b925d2139
45725f6aba012413709dd5927c4af00fe05e56d69da79134e4f8fb747450d897
4676df23d89cb1eb3ccc4355ad76e8b03f913b27333d24fa9137d7902492f6d7
46a9d00c35d7ffad7b67ecb4039093ee9993e1ce3849cf353dc4536e62aca891
480ee17ae9bd1943c860d3ca42f244b02462071cbf31bbf06e314f37bad84b99
48d3bcb4f8e3b1e50266dfe8bbf41815b4043c450d0042bbf5c057a0ba34512e
494ad745441a0e2121bb9da59b9fe7b5281abf4454698c9633a1b4bb99f50789
4a47d11ab5ea77835041c9d1a96a7ae5c7a27963b1df3a78cc149e5b37d2b62b
4b23563b01f795fd12489dd66e36f70b33556c517c4a47de7714dfeaed3b14cd
4b77f8ffe6dea7f6c7b7c27aa5a37afd1cea55c5e5efb7e9af524912d1b3876a
4c5eb6a7a557ccd9622cff8e53c9b95f543c97b5411a22b726fc56f078055af9
4c8f0bc66fefbbcd1b790e43518e3f1b4db6fc3ded4ff13e2875d6d76d3b0551
4cdd2c5e80b344731d46a78ab0effb8b8802340c5222131514d4d4bc1787bb9b
4d4cb2bdcedfe67851df0a0098e36c6fecb22a3832cb46e59f663e37169cdd14
4daf37c4400eb748090f8ef717a92b6c2ada74d4a27206996c1c001dc2360d72
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e
4e57cf766447c0f0f0473dd492b395ea0e401261811c8f8218faac081a107a8b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fb9fc84ae9e963f8128445e4d7b63277d09475e4395a61fae6c2176ef28d267
4fe194ab21fc3a14a9f1107091b8141fc461e7cbb0b6430deb925fde9a86dc5d
515b7597687252e042a8cafb23f4e5676a63c654f0dca9897d30c1717c283d47
51b55d095033da97c0b57b7d02035cec0064e83018d9c04378e98fd72336ae0d
51d0384096ea89a36841bb111a9d595e88500727bbaacdfcad190b8838f32c7b
520ce26b6197072574754f35e9234cdedc2ec12924558a291d6140fb39e0a8d3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52f565134d07b4351ba6593dc0b134653be0d9834fb21f4ccbe188e0750bdb06
5332f7be0c1e727604740ec11ed47a59287fc95d8b05cf97da5f225cdbe8c429
534a72d8cbdb7e793828deb405bead2f4c57e6e6c8e4bcb70c6c1d5508e09d02
5362b061983a3dec0baedadae28c6d9e9f66e20ef90ba320d685a8b235f265e7
546f45981d2584126d3157e7035c54b05115f3fe5b21b79faf6d00a6d9508b50
5535c6eefeb1b9b801618860f012d78fd66e3142e12271dffceb858181067473
5556018e3cc4cbd607b38c07e31e76f591c43f74e4dba26b7be123d55177c6ed
555a116644043f85e66b58349cc49079be7192f717b8238c0ead571451c492d5
564350298257685a411a43eee8fa2b604d88fdce7861a2044cef95265c68b76d
56eed3ffa433956003fd0b5399cdbed656c0fe673dba1606fd6bad7983fdf27b
5790f65182367ee37e03f746cb278c50d07f2224d9658c34b98c2d8f8f60dc61
580410bce2b2067d7f22d95475dad5abf008a95ddb3561a2eef756c431e1f35f
588b5f84ecbbc7124ca8a9e90d2a80a3c8157db7898467e7b23a5d735c9e78fb
591a6a94143a5b8cbdd7fe5551d441d899ddfb6448737be08941f7f4373222c1
5c18e13e16f8f31e2072cb42c3b9b351ae354b14348385be05e59dc767be32a8
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ca8e25ea762a4009afda41ce81eeb22728dc99d653b204a48a879559a9b2935
5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
5f300ce5623ab42dd2e013b707265acb5fc74b76592b04a22bc21c512c36a564
60500125f4a0acf2b006e48b9676d5113eff2db0accc9063e989aa4cb3612009
60a69b71ca37f27f48a3ddf5ed1fd31e0ce2669ef9638654c9f5aaea2d60de5e
60ed749d6f5cfc6cbaef111aeee9a3d3fc37807555bc3152210b1a7824fa8872
618ebe62abd4e143384d9e917238cfad242be40e90290a4aa9f8e7f8b0c1e93d
61c9fe25e18a8c392a0e05390bae9550820b882e6e15dfb0c7e0c1244ed7d6fa
620f743f192276ff10ba3cd06a00e0fabd1805f4ba2a17cd44b8561aab9138d8
62e24cb66cffae1d26a2a4eb4a3f4678591221fe2a6dbc81c8be8d549e3bc943
62e8fe39e6549f7aa2fbfdd7a4bdf48937364b5427f669d7be4cc94da106096e
636c039cd55a93fd5f45174a3ad250ea24413e065b509bfed3b06d9644d0896c
64541d6d00c236d45a4b46b189a5adbd2336349ed8fbebee9e03a9e0b6e823fd
65abc7b0e6de94afe1a08ad5ca902eae3e8ddca70f632cf80c304d39c5a4434e
66275ecb70fefd392ce2e1f1f16a62b0875e4b8ff98fdcfd5a0fa5fef86a0aad
663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
684e7806452caf5297d6277a50b697d153779b3ee46ec9ffd7592f428e96ebf2
687a057c92b4f6239167f336f96e053988db59f36e61c906ae61a85d0abe5896
68969bac2a1db27ac853c8c231e8031bbd53afc29379ab0e4ee68a20fb85bafc
6908a14d13b6cd244881f31f0ee16e1c4a4881939ce0d9a8fb991bf0b50ed490
6be62c2f8d5edfd48f4d8de499432b74c846ad441c4edf63d0d4a68f14a3d368
6c725974f1982b5ec1aeff0f5546683467d3a6808c686f77448bb56a438d1498
6dbe2754ffcedf3b0e3bf65c94bf30840c1badbedf1ddfbfe005ad09db570797
6eb1725148073b0d97917b373c481dd25c2d4c07fdf00f1377a2591cddde3b50
6ec5c233f0b18f0e432f5697a291f9c23853c9c3baeebdbe4a614bdc6cb26919
70c35a3b3b36b2fc6bfa0561f148268064ecc7ccf10e336bf3b91540326a647a
70e86f96c689b4d31fd726460660ff73fd3a4643ede63ad358ce9cbebbc3de05
72205c164566dd51031ec220319d306bd4606c71182d485e3c5f16a58b09b53d
73f701d7eed1b391a0387b4337cb71fd5ac4cae4cdd90baa4a8e30eab0ba413d
7538612bdb078a717b768980a36c62088aa4b97ef4a12db12981c5d9fe67ea95
75526a1f79a580e2b1452091b385354c2ef225f0d230af14f21e194f13d47c6e
7693b4e3135a0c38f2e90307f31208b2e80c08af81c29a82c598cc21d4b66bdc
76fcb4bd326a5ebe219ba59bb435e3d8e9ca5111bff9c6575467ed988fae8c1a
77f5d507b3bd2c7ed625d8291b3f9a91e4ee29839781d09c67cfbe1f0f4dec49
78af1cdf1d62b4344795b5858e53e4fda51359566bd86a633ce7768a0e494825
792b017f865b1a31cbf7a7c802ab9d05d1bd28596bc15a33bfc58edcd84b2aa1
7a3a1a24324b661e918681982552dba1b617b5f0313344dcce1bc39fd36f773f
7a829e39c72843a8059c0822301e9be43990a985e09a81ebd27180fe4a5142b7
7b4521ab2b6b25c01f216412599cf2652debb77c047efa4a55cb8d777aaca73e
7badf3f8d9de634e94a26ad4e6480afb424ace7b21992ecc724960c026347fe0
7bb85c6b3eb442173f57214a267449e51548381a82fedb86428812815d0ec64c
7bcb04c9697cc11618e7d7fb4e6b357530b7e779fdb16b23cea3c9d52ab53c2e
7c4bfbdad82735e58dd96f775aa45d11c965d9967e638e048318fc56df7dd5b0
7d3fc3b7ea2776d037257e1e175a66e3bb1ac7f103ce474549d6a3e0a6645c8b
7dd7f11627e1ad73c79a4b8197892b5f3892039b3482fdbcc62495c1a1244b0b
7ecbc1d3b6c0d537ea94cf1485a9a9ef2734fbc48fa977d911bc5ac499cda2fd
7f09f7ed9350c681587c37e087601818e96a09bfccda3cf5f86daae2d9bab1a6
7f2c690cc6175be879d93be0ebfc16fa2e31e09ba7a536fb73b1aa5d0e05f9ba
7f71745c11db1688fbefd3d72b7f748568b29fd2ca3ead276cdd08c95310b98c
7fca82f33b39819397c836a6359e51e92f018740cf47adb8946958c9139f8afa
7ffaf29b87a34332eff2bfeed40df69611fdb31b2acb6c413f240a553a60ea0a
801557f34e0712e2d4d8957a174f30cfc1b06f4a963e41ee46aa123c495ffabe
808e3f3b08cb517cabda3690db1ba2ba69c39f0a8b201aa7ad57114485d9181f
819f5f74ac359bce633d6b4f3c10981663492d901065198ca0d2df185a4a855b
823affe05448723d5a5e4cb1d3f35677954a760006a5aefb48068b4ad41b9c04
835de0b00f5d8ea56795085cefcaf53d6017c132e081129f100188e005d6f2b3
842f46a7d8ca0abc47026e28a709cb6cea557e64daad9eb91a8bff507945c92b
84d1bf4cd5b5fefe99357eac6db2f21c1e0e579112ffce60b2c69cd098f3ebeb
865a62380441ce3cb911020d05bd0d783ecfd0dd3e302510b3e8c48e07f37173
86c3d32e24dcbc0dfa79692ff1ee28978811da8c2d12a9067cf13a37928da4af
879c800760e3d4c1180ae0a041efbeecc1420edfb13513d373e2d6c8327f5f69
87aa7e8eecbcc64fcd6878351518a72c7e495269e206cb10472959d50d6c8f95
888b819dd4b26c639512b91ba565307ce311acb713071945293e3fafcab65ae5
89c408d56226d22fdb22eabbb7e0d6b91c3801fa61b87d5a0bba0b3636a811b1
8bfbc721b242454c04cd907419888ac023dc4c4f4986bd7b8cfa71194cde0821
8de86f9f9306473b042dfe2d1bbb7156b2d3561b82706e54f9c4c1f7022d4964
8eb93961e3d809ab83af2a4ab681e14891ce63b6bb6a9766108ca6c3b5337db9
8ef96896569c8acc7e933e8cf9927898387cd4bd3824332c8257b3e0f1ec1704
8f19c6d6e152827203ecdde3583ef11e2f28ff0b8903beca54647f255949deaf
8f5846dedbc1a167297f4ea6714f75ba35da3d4049c707e3105568329b170a3a
95afa57ba7e6a5f7ce78794add7ef62f81e74dff72c5cd462549056e57164a5e
96509ae3806587a5029b14cfa9a0a4ebf0dddaf201bf34516f92edb593f20261
97f698db61191883189e51243d3cbb3b18e7afaf8e09b1a87c9f02d85abdd11a
980fa871d6613703024ce03aa34947ccf2528898ebfe6ae4abf737fea1c70576
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99b96fc4b91ac2d223c6efc6fab6097db4d616caa626ee90030d2a9ae63d46d3
9ab25ed49d09ce15b8499cd6bb216afab5730ccbc9810f70178e3266e5b21bbb
9ac3e156c0e504af177fa04ebb5c234c264b794c0dd636025c8c814e60a1c592
9b6a8a47b2ee723329aaceb68a28e591c7da541832af19b6efda3310a46a8dbb
9bb19f369be6814be10d4cf49d4755e5925e49b872341aa8fb4ea1f4ac4b90fd
9c8f633e0bb1e0b5e8b24936fb875ff21e28f5db929bef360731ad0adafd1653
9d93a1336940e518d434495ffac563a82772b0be980c5aac1b41a4af3ff4a360
9e5c6ffc03c35b00ba073da7047038391eae135cd65088c7667519aa25af72af
9edc28759e1866c29cc73e8b388ac0b1b044e93cca651a8da39102e263b525a0
9f5ba914c0bb3d4d49bca654188d9977889f175b9db0736b6880f912a548a55e
a1a8fd1a12b0131a0e48aa5639c4c84592f4d214ff9b3dcc19fae66cce7e1aba
a1f055f566ed4e872a988ead5038d7c08238381f7110bbebb5fd99ae0f0ccb34
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3d562dd7f27076647d2ee17526d676491ef9fe959edd2179d5538265d8e72cf
a3e9d686656f80308d448c7a438842e54adee5d370d304a458ec68168572e676
a3eb7422386ab102ec12efe826709c836eb341cb646296cfadadd9b889e4336a
a5468ad5750d7374997aefbfe093ae29c3ee7dfc8ec5f51702c40eb6b90f91ae
a550027dbe16ae842d3f4e3632f8ade0c352c147330698f518c38f8f87555989
a5bb5196d568ccc436e40919b0daaefdbbec711bfcfdbf3a82930bbb58a7bd20
a6d5adaf3a68ff52fcdcf50861572525528e6dbb2199724333e23f7367f9fb16
a70b9635dd7cebe8634aa78201f5533e14c7521c46462f036fc82feaa0dfddb6
a93ccf89475f83336712a14da8d52d2d4a8f1b93e62465507e5e74fec5857860
aa8fb84a43802c369be5cc8ffb33bb3f7099cd6c29d8c998bc49bf12f6f25241
aac50e2336e7a537f3ad867240e349639cd33282b3cc40c9d5668a1e0b0db4cb
ab94e9181ccfa0fbd37d9523154d1b8e27825737b0228d14e2ef14396d1d9f2d
acb07175d9689a1f77812e3f7084f3c4a81ff5af643d52ce844ecfaaf57d2304
acc61f08e979d54268daa7615e1121c83687a2eece1a1de04ca00a6aad397e69
ad5502f37296996e6af3b300b593c1262a3472f70b1431a52c7a9dee8dcdf7bc
ada49e5c38aa38ae857b0b8806b41788dc2a4f3845c4717da30baf3e14313265
aec2a44eeea6df3fe0ddd88e4f2dd5b227ef678b89ce754251060fc5160f9ac9
b054619e4845729c52a31708e871e23b327a53c26d7cc52309a30d1b858fe44e
b0fabb6cdca970485d787ab3aa2ad69ec7be6a7e1da3d1e702431ad88f513331
b11dee66c99d6b6e3444a2f66694d0f7de9a7c8d728d68690feb7b3a4d9f924d
b2892b1c7e5dba9aa27ca9559244807f20538bd11574076962478a06cf08e0d0
b32ead2b4dd4dfb3272a19643d9135e91823162cb367e9f893742e1392c3836a
b427f52a719026de868165a02f2bac2e8292e2b7a749e1f11fe14a71c0aed79d
b4a901bc3eb881768a22a736aa344715c8385a2d1315e5d0ab58e65384fccbf5
b64a42cb2d4bb0497aa1bd9f04cbe3aaafdf5e40b62bec89004b1726f0f10b56
b6b223048d53962ba8887fa17fd057385058f87474cd247e974ec87c2df4d693
b9ea34f1917142e1e4593102fd61b0ee9625c67a9202b971d6c3d1eca19f8c5d
bb18d4166211ffb4d0b77cd388bfbb4d89718a11ba413ee5fbca320fe0f2cc2f
bb91a3d6fa4ce291537aa3a50eccedf2fd8c79c98f89083a9fae9aad5b106f8d
bbc2a908d267ae71b9d9d50ea105b17c52835c0155ba62a40b4be067f4e71e85
bbc367f73bc831632abae23bd931a4b50ebabe6bb1a36a89e48c9e5ec3dfea8e
bd14d0b978a5aaa57bf28684442136fe2afdb7e4768a81a5365d75250b032321
bd3c06907c8bae0fbe82d227181eb6aeb1f1e8c38b693e6bf403de980c2f2a42
bd8cf80ac0e7f7fa126a0cbe0f16d568325a156ca744e8f1e6aef14a9f23e2b2
be3244f18ec46e3495666e8f7a9163ffac8bc1b41ec08255609fa7ed27adc30c
bfad53aa5488b166229cc8470e7755b2ca60e6e4fa9e00de64bdbac5b564bb34
bffde2dc0f1de1372fcc64e33a129386adc36be643ed00ffeb188c06521ca2ea
c0c68ee99978a72f6b30031323c8b4793e97e24ff03adb6edb22ffa7d5d6a24a
c23269df2b82f8486814488d21a8e6e1ed55afae34877a44fc2573a5914a3cb8
c3226f462c1be7d5eb5d8d80f5ed245291be40d13b72e5e1ab84db9a26eda27f
c61cb46c0622deb811081ad6416cd92036f89e68e1dce91e471d92e00b0faf08
c6c4aa2602e3356046f5d00ce1d6b56190e8e985618b8dc2d01e72d58ccb6492
c813bcb8b6f45b885a02fa0d03cc9b499ccda7623a3b7392c84c14f18e75c3af
c870aabc7adf8c354ea4a86cab2e1e6d254c829247988df9f26e6e78778d1d8a
c8bef46109f54969e5ba696561e3002fa41eded7e6fb3ebe8103ae07714a9170
c8d0dcf01dafd2c20f57fa2400fb0e95051ff11be6d9e75dcf154b9bf1e4da50
c8d124da4c83eab62cb6300dab7e1c6365430c42338d3c529760a9c15dcd46f4
c9717bdf1a395d9b36792d842da11dc0f736587439691c013c651ce5acafb3c3
cae9dc673fd3e784807ded7f9ea32e0e1af1c85703c51df96f1ea1ad476842ad
cb107bfd360d379e6de729ca91b805f47a6e0affe7f814743f998d70264a671e
cb7aa65862128f03adeed9a4f684414960b3b7108fcbd79f7d8c9e723846680f
cdc10319439d709fa2523b6d77efd436632016bad76e09909dbd4b5278a61a95
cde8866183a768c3e0b93a8ff2efb0c999e65029ca02d853f5798bedb3a41095
cdf398f0b57b04f7174b818d55ed5b1d0462802e2cd327aac8c11d2602ef39ff
cdff66106ed5d07d4531bfa2f883e0ce47a719a579f79521a412b75ec25e3bb7
cff90ab35aaba7458a6fe8e6fd3889baf8e6dece0310efba27dd906458cd51a5
cffb5b48affdb7d28dce91917fcff0c53b351c3a4e37fb974d011a6865dbcd64
d0407e70a9ae582e473287d2780ae8d1ff8709943112bffa888ea8b540ce1835
d0f02fdf609ea86efc0155d8b7964bfdc08250b3920043644f831e7c28b4a9d1
d17cb7e33b4982aa013bff4d3b9aca59b461d6bcb75c9d91a12288107c30ebe9
d1af2872827294dc5109471ef33290c54f5f8426acc8632cda14db72a5368d85
d2737b45406ac420fd0d05e0405a842a92dc64102ae9539385c4f5fd19df09d2
d2f5cf75a63fc6050035c507c308b27f1298db9c178bf0a98e852041d3bf574d
d344ff76816bb38cd57cd56e5386601d9a3d2defd0b6a8d5321b4929db65dbec
d38e20d218c98ac4cc9b1a478be4b129af0d1a76e00252cdcc5687555f453cd0
d3aad8e749f8742ae8e5d349f1e3a2eaf8e17b1d216f1d6bce025a08ce32b44a
d566b0df5ed3c4e90da21a0ee58cce6cbd0d3259bb0f98bb31d524b00c0e9afc
d6257e6616817067a4eac9ccfde08391b99ac8bbd10b71100503b90e98f54cb9
d65b089121a7205b05eb696462e9b58048326f236f4e010c6415673f2ac42db3
d66510cf04fd3144574235a5b2153bd77d4581f6a6b04c4e6b5215471d0088c0
d6919a40101e75c8accad2e0e756dc04e61a582c3f33ccfd51dd2593418e11fe
d69fad25dcdb27b58042a06c3b8bf85918aae966b3cf970d9b2ec57a6342a93d
d7082511522c4df5d87ddcabb64e2696b0b316cd7b208d2e8110089a3dc5f705
d75c0f8978966c8154b1898447d2c3bff7f7880dee71f5e22394dd278709e30e
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
d86a381a8750a3e22956160bca45b26a41ae9068078382f7db7b59bca0962739
d8bc2fabd324a865fb6f11276bc6b7517f8c66e637f1b585b1a2a568a7065112
d8c05592597de267189f0f5b92e1cff66ff3131e9d51f56adb2d33663ed76e25
d913a95a44c9d6edff5f1b0c6ac6c004cd6ed5fa4e9659f6109ad2377df8db03
d9df6451975419c0b0f7b076b048cf03e83262c6643940a0d6ab5f976028a353
d9eb3620b0e35fc8349466d2d382faa3b13fbd137ab9bcdf1c9bb4db9260f068
db4f572bc91cee1dab0fc799b5bc3352e38dab65c7126f68deb5555960161728
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
dc1385391e0ba0002cbc5874f44147a0912041f9a0d255a5c56ae942de394175
dc65ba5a418ecb5dbbada6d80e8a5f1fecb3cd618a4958d8f0bbe9f10c3b1fd6
dd272710c504a3193bc7e6abcf33aa69f0648e1219be6235a3dafe86e46a5bca
dd5588c8432d8f1630319a4d3a12d7f77adcf1e01e315a649275dca5e5921198
ddf877dc75786beff643eba62b6769a21b9e2ccdf51b1106b11d31a4fbf18447
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de80b2b0c32b938ed432b49c0f3dc09f8c6152fc6b090ac49294b891ad8933bc
df1dbd788a45cdd037755b5119123c0faff5c55c3330c32f4788f8aa9eb05c11
df5e72491de42d519d782711ffe4b0914a57585f13235927db42324c5c8b8154
e11445732cf434d9b573c7e891f414abea3a97c49f6c8b7f927094ec5ee48c69
e1a2ed0c708a2a9f8f96128e0f0ff4518dbf1af4e2f56276681273bb1659642f
e1fff56002d3946dd7c79b2cb93a55291d4a97818be06047dd187419dc4a06ff
e29570cc8b7dff7da0cf3846fb7e636b24ba9f0335830b126d61f466a72cf9a4
e3a1dd05339611c84ee60c9d03845819a8c4de3f04ee9ac4161949acf88d6249
e700120f7653aa6fb3ee2a44706e4003a4e33a55821f65b337b7b37314c28dee
e7cbc8627c6e593075352516c356c6789b7ae8d73a3f8f67d468529bbc94c4cb
e815dc84458bd7c80ac84e100f9f43bdb5dbe30eb05602d0a43ee4543954dd25
e8247375044496d06ad9447a156f1bbc1e2a50e2895041ae5552d5554d3d5d4a
e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152
e8bd98ddd87d5d989622372cf423dd4f13f20e2d418401b8239b6293e1f190b7
e8e8684b2782578f2eecf9fe26270f06d27ac30d81f06d30357b16349cfc1472
e8e8a692a3d205212b325961053e9fab1e3faadc837ff38fe709efc6a62261e4
e911c1c29592016642ef86a35f49b5620c01186e3931017849a1aaf01382b017
e94dea6a076445d2063bbe7101fa33c8fb6cdd723863eb5c25eeaa81e3736b16
ea19d09e274ea490bbc49dd96de986b6826b466e9a4024c6e6e066652f151093
ea7f53d0f3c0177b20a3604c7263e406013ea8def4fa82f7a09361a8ac6845c2
ebcdf88c1b58ffdb73cda93d69d8c6cb5ce235720d7cf3aab7844732108e2f6a
ebd04a96b54329b8a1254bc7bd0e1479415c2f4b5e475216c7658a5874c1b071
ecdbd8d21ada7e09e601733e47c6451cc913b439cbea82ad83b93a96d9fa8cf8
ed6e91de3135860c57b28a6ecd16522733e91d09551e26ae34ad30c0ed4f9151
efbaa31a58e8a666e4a16f95608bf41d683be39bb09d7e75c80d8ce0ce59b235
f059a5aa0a112fddeea0086027cdfb5c4c612a2e6d86e7e430213093b7425424
f0703ff34ae27d0b01225a8a3cae58e280ec356786151d77536888bca8afafe4
f09070396827145f8cb2728f9825de55826781572964ba3394a62c8234cdb06c
f0a0f0a4b2d759a8835534898f86e94c86ec878671320004233fb580ca540c84
f34a4e3336f8e772e18b53ff6b95c508851d79157f7f4812a21bc063e07c9aa2
f42d85a1fbec8757d847b58ea0138e7c8a93e6769af086f4a1cf9dc46b5e6fa4
f45a4b7d84fcba68fee4db26859810d7021314e50fca1a716449a2a7beeb97e2
f503579f524d5507bc7527819d785431844202756f2aba17ae35ac2306cfdbfc
f638c06469327f93e5bc86ced0856b2cb42f583334ebcf3ea346fb802a5446c1
f8609823c25cc4e11a990283485276d5d71dc9077929644fbb6ab41842329432
f8f2ea1401819fe906dc24d499bec9d073c2f3757be8f5e3944432001b9556f9
f976589b67405bbc6b9c773eaf742662f600465db7843d1e70100bb8f3c173cf
f9f7422b25370825ab0cef89fabb4d02139cb2077319d3e75cecaa014508489b
fb4529cc42ed4fdee59dfb30fec6d069634cb6b3211c2274505e556c8be0cf3b
fbd656e9c30ba6b8cdf83393b4d8e23ad8b919e5b7df32bd29f8069bf193c721
fc9840876318b8c21fa8718b599a2942e6e23c9e302a37274a8b19be6a439864
fd46dedc29e158f84b8c2359267ca246daede6cfb39d3ece3ffb85da4c809bbf
fd553f6229e34abb458572766f7c5693c7fbe509dfb24558f5d9e99532d3d9d0
fdbb17d7117737eacfc3f1ae776596878488229b2e7fc16268e2437b22205935
fee248102959ee652ab2c28d934bbce89200a51a5cdc9968ce90f977f6dc1dac