www.cybereason.com Open in urlscan Pro
2606:4700::6811:86b4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hi.cybereason.com/e2t/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW...
Effective URL:
https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionag...
Submission: On February 13 via api (February 13th 2020, 9:31:35 pm UTC) from US

Summary HTTP 125 Redirects Links 65 Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 32 domains to perform 125 HTTP transactions. The main IP is 2606:4700::6811:86b4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cybereason.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 17th 2019. Valid for: a year.

This is the only time www.cybereason.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6811:88b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2606:4700::68... 2606:4700::6810:fd05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	2606:4700::68... 2606:4700::6811:86b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	95.100.67.47 95.100.67.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::25eb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.139.237.11 151.139.237.11	33438 (HIGHWINDS2) (HIGHWINDS2)
3	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6814:6e27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.210.250.44 23.210.250.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.112.65 151.101.112.65	54113 (FASTLY) (FASTLY)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	54.173.179.199 54.173.179.199	14618 (AMAZON-AES) (AMAZON-AES)
1	147.75.100.69 147.75.100.69	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:f1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	147.75.102.203 147.75.102.203	54825 (PACKET) (PACKET)
1 2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	147.75.102.13 147.75.102.13	54825 (PACKET) (PACKET)
6 9	34.252.172.232 34.252.172.232	16509 (AMAZON-02) (AMAZON-02)
2	34.193.108.147 34.193.108.147	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	34.206.200.99 34.206.200.99	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
1 2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.21.56.60 52.21.56.60	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:f905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
125	42

2 2606:4700::6811:88b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hi.cybereason.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:fd05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cta-image-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2606:4700::6811:86b4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cybereason.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 95.100.67.47 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bf::25eb (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:6e27 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.65 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.179.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-179-199.compute-1.amazonaws.com

t.sf14g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.69 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress3

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.252.172.232 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.108.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-108-147.compute-1.amazonaws.com

performance.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.200.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-200-99.compute-1.amazonaws.com

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.56.60 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-56-60.compute-1.amazonaws.com

tracking.leadlander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	cybereason.com 1 redirects hi.cybereason.com www.cybereason.com	1 MB
14	typekit.net use.typekit.net p.typekit.net performance.typekit.net	179 KB
10	prfct.co 6 redirects pixel-geo.prfct.co pixel.prfct.co	4 KB
6	hubspot.com 1 redirects cta-image-cms2.hubspot.com track.hubspot.com forms.hubspot.com	3 KB
4	facebook.net connect.facebook.net	200 KB
4	linkedin.com 2 redirects platform.linkedin.com px.ads.linkedin.com www.linkedin.com	58 KB
3	twitter.com platform.twitter.com analytics.twitter.com	29 KB
3	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	73 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	4 KB
3	addtoany.com static.addtoany.com	59 KB
3	cloudflare.com cdnjs.cloudflare.com	97 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	leadlander.com 1 redirects tracking.leadlander.com	644 B
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	openx.net 1 redirects us-u.openx.net	492 B
2	facebook.com www.facebook.com	406 B
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	474 B
2	gstatic.com fonts.gstatic.com	36 KB
1	licdn.com snap.licdn.com	2 KB
1	hubapi.com api.hubapi.com	286 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	yahoo.com 1 redirects ads.yahoo.com	273 B
1	hsleadflows.net js.hsleadflows.net	61 KB
1	hs-analytics.net js.hs-analytics.net	26 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	hubspot.net cdn2.hubspot.net	51 KB
1	sf14g.com t.sf14g.com	37 KB
1	marinsm.com tag.marinsm.com	10 KB
1	rawgit.com cdn.rawgit.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
125	32

	Domain	Requested by
57	www.cybereason.com	hi.cybereason.com www.cybereason.com
10	use.typekit.net	www.cybereason.com use.typekit.net
9	pixel-geo.prfct.co	6 redirects www.cybereason.com
4	track.hubspot.com
4	connect.facebook.net	www.cybereason.com connect.facebook.net
3	static.addtoany.com	www.cybereason.com static.addtoany.com
3	cdnjs.cloudflare.com	www.cybereason.com
2	px.ads.linkedin.com	1 redirects
2	www.google-analytics.com	1 redirects www.cybereason.com
2	tracking.leadlander.com	1 redirects www.cybereason.com
2	secure.adnxs.com	1 redirects www.cybereason.com
2	us-u.openx.net	1 redirects www.cybereason.com
2	www.facebook.com	www.cybereason.com
2	performance.typekit.net	use.typekit.net
2	p.typekit.net	www.cybereason.com
2	www.google.de	www.cybereason.com
2	www.google.com	1 redirects www.cybereason.com
2	platform.twitter.com	www.cybereason.com platform.twitter.com
2	fonts.gstatic.com	www.cybereason.com
2	hi.cybereason.com	1 redirects
1	www.linkedin.com	1 redirects
1	snap.licdn.com	js.hsadspixel.net
1	stats.g.doubleclick.net	1 redirects
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	www.cybereason.com
1	pixel.prfct.co	www.cybereason.com
1	ads.yahoo.com	1 redirects
1	analytics.twitter.com	www.cybereason.com
1	vars.hotjar.com	static.hotjar.com
1	amplifypixel.outbrain.com	www.cybereason.com
1	tr.outbrain.com	www.cybereason.com
1	js.hsleadflows.net	www.cybereason.com
1	js.hs-analytics.net	www.cybereason.com
1	js.hsadspixel.net	www.cybereason.com
1	script.hotjar.com	static.hotjar.com
1	cdn2.hubspot.net	www.cybereason.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	static.hotjar.com	www.cybereason.com
1	t.sf14g.com	www.cybereason.com
1	tag.marinsm.com	www.cybereason.com
1	amplify.outbrain.com	www.cybereason.com
1	cdn.rawgit.com	www.cybereason.com
1	platform.linkedin.com	www.cybereason.com
1	www.googleadservices.com	www.cybereason.com
1	cta-image-cms2.hubspot.com	1 redirects
125	47

This site contains links to these domains. Also see Links.

Domain
attack.mitre.org
securelist.com
ti.360.net
blog.talosintelligence.com
unit42.paloaltonetworks.com
webcache.googleusercontent.com
enigmaprotector.com
www.vectra.ai
www.clearskysec.com
www.kaspersky.com
malpedia.caad.fkie.fraunhofer.de
blog.trendmicro.com
en.wikipedia.org
www.bbc.co.uk
aawsat.com
www.timesofisrael.com
www.egnyte.com
www.sans.org
www.nirsoft.net
www.addtoany.com
twitter.com
www.linkedin.com
www.youtube.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
hi.cybereason.com CloudFlare Inc ECC CA-2	`2019-09-17` - `2020-09-16`	a year	crt.sh
www.cybereason.com CloudFlare Inc ECC CA-2	`2019-09-17` - `2020-09-16`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2018-07-11` - `2020-07-15`	2 years	crt.sh
rawgit.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-01-12`	2 years	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
ssl472428.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-10` - `2020-06-17`	6 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-03-14`	a year	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2019-09-23` - `2020-09-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
t.sf14g.com Go Daddy Secure Certificate Authority - G2	`2019-07-09` - `2020-09-07`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
hubspot.net CloudFlare Inc ECC CA-2	`2019-04-16` - `2020-04-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
ssl803643.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
ssl817706.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.leadlander.com Go Daddy Secure Certificate Authority - G2	`2019-07-09` - `2020-09-07`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
hubapi.com CloudFlare Inc ECC CA-2	`2020-01-21` - `2020-10-09`	9 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Frame ID: 69612229E941B3B51D9CE39FA9C4027A
Requests: 123 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 91AF3BD547D0695AFB2E44A733704EF7
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 0D5F4D89B57A1F1B1D7680CD7545ED28
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.cybereason.com
Frame ID: 3ABAC5838B0FAF662D25BA6B6EF91EF3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hi.cybereason.com/e2t/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc... Page URL
https://hi.cybereason.com/events/public/v1/track/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZ... HTTP 307
https://cta-image-cms2.hubspot.com/ctas/v2/public/cs/ci/?pg=ce96f475-92ca-48c9-b490-ad91d33d17de&pid=3354902&ec... HTTP 301
https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campa... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

125
Requests

100 %
HTTPS

53 %
IPv6

32
Domains

47
Subdomains

42
IPs

8
Countries

2492 kB
Transfer

5082 kB
Size

4
Cookies

65 Outgoing links

These are links going to different origins than the main page.

URL: https://attack.mitre.org/groups/G0021/
Title: MoleRATs

Search URL Search Domain Scan URL

URL: https://securelist.com/gaza-cybergang-group1-operation-sneakypastes/90068/
Title: The Gaza Cybergang

Search URL Search Domain Scan URL

URL: https://ti.360.net/blog/articles/suspected-molerats-new-attack-in-the-middle-east-en/
Title: first emerged in January 2019

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2017/06/palestine-delphi.html
Title: Micropsia

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/unit42-targeted-attacks-middle-east-using-kasperagent-micropsia/
Title: Kaperagent

Search URL Search Domain Scan URL

URL: http://webcache.googleusercontent.com/search?q=cache:https://ti.360.net/blog/articles/suspected-molerats-new-attack-in-the-middle-east-en/
Title: 360’s blog

Search URL Search Domain Scan URL

URL: https://enigmaprotector.com/en/home.html
Title: Enigma Packer

Search URL Search Domain Scan URL

URL: https://www.vectra.ai/blogpost/moonlight-middle-east-targeted-attacks
Title: Moonlight

Search URL Search Domain Scan URL

URL: https://www.clearskysec.com/dustysky/
Title: DustySky

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/blog/desert-falcon-arabic-apt/7678/
Title: Desert Falcons

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/actor/aridviper
Title: APT-C-23

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/new-gnatspy-mobile-malware-family-discovered/
Title: GnatSpy

Search URL Search Domain Scan URL

URL: https://securelist.com/operation-parliament-who-is-doing-what/85237/
Title: Operation Parliament

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Hamas
Title: Hamas

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Palestinian_National_Authority
Title: Palestinian National Authority

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Fatah%E2%80%93Hamas_conflict
Title: historical rivalry

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Trump_peace_plan
Title: Donald Trump and Senior Advisor to the President of the United States Jared Kushner

Search URL Search Domain Scan URL

URL: https://www.bbc.co.uk/news/world-middle-east-50979463
Title: Soleimani’s assassination

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Ismail_Haniyeh
Title: Ismail Haniyeh

Search URL Search Domain Scan URL

URL: https://aawsat.com/english/home/article/2111556/haniyeh-settles-qatar-has-no-plans-return-gaza
Title: falling-out with the Egyptian government

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Al-Ahram
Title: Al-Ahram

Search URL Search Domain Scan URL

URL: https://www.timesofisrael.com/hamas-chief-to-remain-outside-gaza-for-months-his-deputy-says/
Title: sparked tension with the Egyptian authorities

Search URL Search Domain Scan URL

URL: https://www.egnyte.com/
Title: Egnyte

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/software/S0385/
Title: njRAT

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/software/S0012/
Title: Poison Ivy

Search URL Search Domain Scan URL

URL: https://www.sans.org/reading-room/whitepapers/malicious/xtremerat-unicode-breaks-35897
Title: XtremeRAT

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/software/S0062/
Title: DustySky

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/details/win.molerat_loader
Title: MoleRAT Loader

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/unit42-the-tophat-campaign-attacks-within-the-middle-east-region-using-popular-third-party-services/
Title: Scote

Search URL Search Domain Scan URL

URL: https://ti.360.net/blog/articles/suspected-molerats-new-attack-in-themiddle-east-en/
Title: in previous attacks

Search URL Search Domain Scan URL

URL: https://www.nirsoft.net/utils/winlister.html
Title: WinLister

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/JSON
Title: json

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1193/
Title: Spearphishing Attachment

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1059
Title: Command-Line Interface

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1053
Title: Scheduled Task

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1088
Title: Bypass User Account Control

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1082/
Title: System Information Discovery

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1113
Title: Screen Capture

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1102/
Title: Web Service

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1022/
Title: Data Encrypted

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1192
Title: Spearphishing Link

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1060
Title: Registry Run Keys / Startup Folder

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1165
Title: Startup Items

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1140
Title: Deobfuscate/Decode Files or Information

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1033/
Title: User Discovery

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1119/
Title: Automated Collection

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1132
Title: Data Encoding

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1064
Title: Scripting

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1023
Title: Shortcut Modification

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1089
Title: Disabling Security Tools

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1497/
Title: Virtualization/Sandbox Discovery

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1105/
Title: Remote File Copy

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1204
Title: User Execution

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1107
Title: File Deletion

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1045
Title: Software Packing

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1036
Title: Masquerading

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1523/
Title: Evade Analysis Environment

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1063/
Title: Security Software Discovery

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&title=New%20Cyber%20Espionage%20Campaigns%20Targeting%20Palestinians%20-%20Part%201%3A%20The%20Spark%20Campaign

Search URL Search Domain Scan URL

URL: https://twitter.com/cybereason
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybereason
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOm7AaB0HiNH4Phe66sK0Ew
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cybereason/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cybereason/?hl=en
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hi.cybereason.com/e2t/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW2wqBV43wygw1N5J28kx_ZyTRW30rM1y85k9HPW3yNWR95MJ5cTW4k6wVm1srSMlW37zG_55YTG-TW86-t5g8gycK4W2ZYBYX8QjqKPW4sBWnw4Fl0pLW7QndN_3v9tB3W7ZTDPM4JWsRjW17Lf_p2NkqPWW5x4RZt1kHgfZW2wJGL96y2wxgW3fXzrz8XPYbbW1230TB2Wlmn1W7sHkp34ZYM5GW1PN3Nm5B3Xl5W1hMnPx5grcn_W7q5Jps1-yJCFW3Rl1dL6G9hxYW90NMT_6tyvMsW55md-817xv9RW6mj3mm7--HN-W231Zf_1YgBxqVcfpCS4XT02fVVLgHJ18WRSWW2fDCDg49Vk-NW854GGB4t5D6MW6PjWkn6MfNYfVChrGW1Sr_NwW1xNcv97txXpRW7jVJ4T5BTJN-W4HgQSZ7s6pt8W9fm1sZ1dXr3jW3JKZTX2dZGv1W2BDsD016B5MqW4Yr73l1QCxWLW4qlv_B2c41VzW5Km1F01J03yJW2-b0L38GNG0vW4CwMKv1G0fwRV9pg3V36T4j7W1KP61K3k0gtJW7h1XFr2Z3R2fW8jCs083YgGC7W3_40YZ1FcszWVZWyGN512lPkW18CGxb4dJDpFVBfK_h6Xn06gN45q_Jnn-fz8W8sTK0t7XydxjVNC8vY6lnd_lW8vsYDS3l1CX9W5Q4HQm3SRbc1W85n9Q44t93f6W2ygjny6bTCDJW7whtw248lprKW60T63S7VzBKyW4zDTtX9c92FrW7KS-6s8HH46cW9lCbd329xJ2QW4qK1cB90tJsGN2_YS34zry6Pf7Wy_JK03 Page URL
https://hi.cybereason.com/events/public/v1/track/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW2wqBV43wygw1N5J28kx_ZyTRW30rM1y85k9HPW3yNWR95MJ5cTW4k6wVm1srSMlW37zG_55YTG-TW86-t5g8gycK4W2ZYBYX8QjqKPW4sBWnw4Fl0pLW7QndN_3v9tB3W7ZTDPM4JWsRjW17Lf_p2NkqPWW5x4RZt1kHgfZW2wJGL96y2wxgW3fXzrz8XPYbbW1230TB2Wlmn1W7sHkp34ZYM5GW1PN3Nm5B3Xl5W1hMnPx5grcn_W7q5Jps1-yJCFW3Rl1dL6G9hxYW90NMT_6tyvMsW55md-817xv9RW6mj3mm7--HN-W231Zf_1YgBxqVcfpCS4XT02fVVLgHJ18WRSWW2fDCDg49Vk-NW854GGB4t5D6MW6PjWkn6MfNYfVChrGW1Sr_NwW1xNcv97txXpRW7jVJ4T5BTJN-W4HgQSZ7s6pt8W9fm1sZ1dXr3jW3JKZTX2dZGv1W2BDsD016B5MqW4Yr73l1QCxWLW4qlv_B2c41VzW5Km1F01J03yJW2-b0L38GNG0vW4CwMKv1G0fwRV9pg3V36T4j7W1KP61K3k0gtJW7h1XFr2Z3R2fW8jCs083YgGC7W3_40YZ1FcszWVZWyGN512lPkW18CGxb4dJDpFVBfK_h6Xn06gN45q_Jnn-fz8W8sTK0t7XydxjVNC8vY6lnd_lW8vsYDS3l1CX9W5Q4HQm3SRbc1W85n9Q44t93f6W2ygjny6bTCDJW7whtw248lprKW60T63S7VzBKyW4zDTtX9c92FrW7KS-6s8HH46cW9lCbd329xJ2QW4qK1cB90tJsGN2_YS34zry6Pf7Wy_JK03?_ud=9e48785a-5168-4776-b735-aaf1c6c8976d&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://cta-image-cms2.hubspot.com/ctas/v2/public/cs/ci/?pg=ce96f475-92ca-48c9-b490-ad91d33d17de&pid=3354902&ecid=ACsprvso4kyXDMYM9ZWK3Dtza9lgKpZDlnqry3VQOAt985TuBcq4fkip3w14ONfI8c0FJZwd1x3T&hseid=83340888&hsic=false&utm_rewrite=REWRITE_ALL&utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_source=hs_email&utm_medium=email&utm_content=83340888&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888 HTTP 301
https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://pixel-geo.prfct.co/tagjs?a_id=71641&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=71641&source=js_tag

Request Chain 105

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_X0TRcl28GvO0U0aTN

Request Chain 106

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_X0TRcl28GvO0U0aTN&sigv=1&esig=2~ff5336774371fb5fb977638680d8d463488769dd HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_X0TRcl28GvO0U0aTN

Request Chain 107

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_X0TRcl28GvO0U0aTN HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_X0TRcl28GvO0U0aTN

Request Chain 108

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_X0TRcl28GvO0U0aTN

Request Chain 109

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWDBUUmNsMjhHdk8wVTBhVE4 HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 111

https://secure.adnxs.com/seg?t=2&add=8257847 HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8257847

Request Chain 112

https://tracking.leadlander.com/api/tracking?accountId=27717&page=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&referer=&fp=d2fff768385a51f6e295620ea70f0269 HTTP 302
https://tracking.leadlander.com/tracking.png

Request Chain 120

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1473289618&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&ul=en-us&de=UTF-8&dt=New%20Cyber%20Espionage%20Campaigns%20Targeting%20Palestinians%20-%20Part%201%3A%20The%20Spark%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1268935784&gjid=292777754&cid=988405954.1581629479&tid=UA-56367941-1&_gid=605716661.1581629479&_r=1&z=1621612673 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56367941-1&cid=988405954.1581629479&jid=1268935784&_gid=605716661.1581629479&gjid=292777754&_v=j81&z=1621612673 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56367941-1&cid=988405954.1581629479&jid=1268935784&_v=j81&z=1621612673 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56367941-1&cid=988405954.1581629479&jid=1268935784&_v=j81&z=1621612673&slf_rd=1&random=4125991142

Request Chain 122

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=994281&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&time=1581629478627 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D994281%26url%3Dhttps%253A%252F%252Fwww.cybereason.com%252Fblog%252Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%253Futm_campaign%253DCyber%252520Espionage%252520Targeting%252520Palestinians%2526utm_medium%253Demail%2526_hsenc%253Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%2526_hsmi%253D83340888%2526utm_source%253Dhs_email%2526utm_content%253D83340888%2526hsCtaTracking%253Dce96f475-92ca-48c9-b490-ad91d33d17de%25257Ce3fe8794-40ee-420c-9000-851caf84ce79%26time%3D1581629478627%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=994281&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&time=1581629478627&liSync=true

125 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW2wqBV43wygw1N5J28kx_ZyTRW30rM1y85k9HPW3yNWR95MJ5cTW4k6wVm1srSMlW37zG_55YTG-TW86-t5g8gycK4W2ZYBYX8QjqKPW4sBWnw4Fl0pLW7QndN_3v9tB3W7ZTDPM4JWsRjW17Lf_p2NkqPWW5x4RZt1kHg... Show response
hi.cybereason.com/e2t/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/ 11 KB
3 KB 126ms
74ms Document
text/html 2606:4700::6811:88b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.cybereason.com/e2t/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW2wqBV43wygw1N5J28kx_ZyTRW30rM1y85k9HPW3yNWR95MJ5cTW4k6wVm1srSMlW37zG_55YTG-TW86-t5g8gycK4W2ZYBYX8QjqKPW4sBWnw4Fl0pLW7QndN_3v9tB3W7ZTDPM4JWsRjW17Lf_p2NkqPWW5x4RZt1kHgfZW2wJGL96y2wxgW3fXzrz8XPYbbW1230TB2Wlmn1W7sHkp34ZYM5GW1PN3Nm5B3Xl5W1hMnPx5grcn_W7q5Jps1-yJCFW3Rl1dL6G9hxYW90NMT_6tyvMsW55md-817xv9RW6mj3mm7--HN-W231Zf_1YgBxqVcfpCS4XT02fVVLgHJ18WRSWW2fDCDg49Vk-NW854GGB4t5D6MW6PjWkn6MfNYfVChrGW1Sr_NwW1xNcv97txXpRW7jVJ4T5BTJN-W4HgQSZ7s6pt8W9fm1sZ1dXr3jW3JKZTX2dZGv1W2BDsD016B5MqW4Yr73l1QCxWLW4qlv_B2c41VzW5Km1F01J03yJW2-b0L38GNG0vW4CwMKv1G0fwRV9pg3V36T4j7W1KP61K3k0gtJW7h1XFr2Z3R2fW8jCs083YgGC7W3_40YZ1FcszWVZWyGN512lPkW18CGxb4dJDpFVBfK_h6Xn06gN45q_Jnn-fz8W8sTK0t7XydxjVNC8vY6lnd_lW8vsYDS3l1CX9W5Q4HQm3SRbc1W85n9Q44t93f6W2ygjny6bTCDJW7whtw248lprKW60T63S7VzBKyW4zDTtX9c92FrW7KS-6s8HH46cW9lCbd329xJ2QW4qK1cB90tJsGN2_YS34zry6Pf7Wy_JK03
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708473df9d677f0e044fc2a64ab129a769f1f20734bbcbf7089f176a1b320dbf

Request headers

:method: GET
:authority: hi.cybereason.com
:scheme: https
:path: /e2t/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW2wqBV43wygw1N5J28kx_ZyTRW30rM1y85k9HPW3yNWR95MJ5cTW4k6wVm1srSMlW37zG_55YTG-TW86-t5g8gycK4W2ZYBYX8QjqKPW4sBWnw4Fl0pLW7QndN_3v9tB3W7ZTDPM4JWsRjW17Lf_p2NkqPWW5x4RZt1kHgfZW2wJGL96y2wxgW3fXzrz8XPYbbW1230TB2Wlmn1W7sHkp34ZYM5GW1PN3Nm5B3Xl5W1hMnPx5grcn_W7q5Jps1-yJCFW3Rl1dL6G9hxYW90NMT_6tyvMsW55md-817xv9RW6mj3mm7--HN-W231Zf_1YgBxqVcfpCS4XT02fVVLgHJ18WRSWW2fDCDg49Vk-NW854GGB4t5D6MW6PjWkn6MfNYfVChrGW1Sr_NwW1xNcv97txXpRW7jVJ4T5BTJN-W4HgQSZ7s6pt8W9fm1sZ1dXr3jW3JKZTX2dZGv1W2BDsD016B5MqW4Yr73l1QCxWLW4qlv_B2c41VzW5Km1F01J03yJW2-b0L38GNG0vW4CwMKv1G0fwRV9pg3V36T4j7W1KP61K3k0gtJW7h1XFr2Z3R2fW8jCs083YgGC7W3_40YZ1FcszWVZWyGN512lPkW18CGxb4dJDpFVBfK_h6Xn06gN45q_Jnn-fz8W8sTK0t7XydxjVNC8vY6lnd_lW8vsYDS3l1CX9W5Q4HQm3SRbc1W85n9Q44t93f6W2ygjny6bTCDJW7whtw248lprKW60T63S7VzBKyW4zDTtX9c92FrW7KS-6s8HH46cW9lCbd329xJ2QW4qK1cB90tJsGN2_YS34zry6Pf7Wy_JK03
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Thu, 13 Feb 2020 21:31:15 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=da5957da57632397a47c09fa82db7ab1b1581629475; expires=Sat, 14-Mar-20 21:31:15 GMT; path=/; domain=.hi.cybereason.com; HttpOnly; SameSite=Lax __cfruid=38d3dce46b07a2993af52547677c3e929c58639f-1581629475; path=/; domain=.hi.cybereason.com; HttpOnly; Secure; SameSite=None
cf-ray: 5649e87f788d1f41-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request new-cyber-espionage-campaigns-targeting-palestinians-part-one Show response
www.cybereason.com/blog/
Redirect Chain

https://hi.cybereason.com/events/public/v1/track/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW2wqBV43wygw1N5J28kx_ZyTRW30rM1y85k9HPW3yNWR95MJ5cTW4k6wV...
https://cta-image-cms2.hubspot.com/ctas/v2/public/cs/ci/?pg=ce96f475-92ca-48c9-b490-ad91d33d17de&pid=3354902&ecid=ACsprvso4kyXDMYM9ZWK3Dtza9lgKpZDlnqry3VQOAt985TuBcq4fkip3w14ONfI8c0FJZwd1x3T&hseid=...
https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N...

130 KB
25 KB

765ms
271ms

Document
text/html

2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79

Requested by

Host: hi.cybereason.com
URL: https://hi.cybereason.com/e2t/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW2wqBV43wygw1N5J28kx_ZyTRW30rM1y85k9HPW3yNWR95MJ5cTW4k6wVm1srSMlW37zG_55YTG-TW86-t5g8gycK4W2ZYBYX8QjqKPW4sBWnw4Fl0pLW7QndN_3v9tB3W7ZTDPM4JWsRjW17Lf_p2NkqPWW5x4RZt1kHgfZW2wJGL96y2wxgW3fXzrz8XPYbbW1230TB2Wlmn1W7sHkp34ZYM5GW1PN3Nm5B3Xl5W1hMnPx5grcn_W7q5Jps1-yJCFW3Rl1dL6G9hxYW90NMT_6tyvMsW55md-817xv9RW6mj3mm7--HN-W231Zf_1YgBxqVcfpCS4XT02fVVLgHJ18WRSWW2fDCDg49Vk-NW854GGB4t5D6MW6PjWkn6MfNYfVChrGW1Sr_NwW1xNcv97txXpRW7jVJ4T5BTJN-W4HgQSZ7s6pt8W9fm1sZ1dXr3jW3JKZTX2dZGv1W2BDsD016B5MqW4Yr73l1QCxWLW4qlv_B2c41VzW5Km1F01J03yJW2-b0L38GNG0vW4CwMKv1G0fwRV9pg3V36T4j7W1KP61K3k0gtJW7h1XFr2Z3R2fW8jCs083YgGC7W3_40YZ1FcszWVZWyGN512lPkW18CGxb4dJDpFVBfK_h6Xn06gN45q_Jnn-fz8W8sTK0t7XydxjVNC8vY6lnd_lW8vsYDS3l1CX9W5Q4HQm3SRbc1W85n9Q44t93f6W2ygjny6bTCDJW7whtw248lprKW60T63S7VzBKyW4zDTtX9c92FrW7KS-6s8HH46cW9lCbd329xJ2QW4qK1cB90tJsGN2_YS34zry6Pf7Wy_JK03

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

9a818cec96eeba25fc05e914ffa40ed7f8b2c53b4b4c33f75f3ff521f15b78b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Request headers

:method: GET
:authority: www.cybereason.com
:scheme: https
:path: /blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://hi.cybereason.com/e2t/c/*W2FJL5x1myNG8TwLX41qnyql0/*W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW2wqBV43wygw1N5J28kx_ZyTRW30rM1y85k9HPW3yNWR95MJ5cTW4k6wVm1srSMlW37zG_55YTG-TW86-t5g8gycK4W2ZYBYX8QjqKPW4sBWnw4Fl0pLW7QndN_3v9tB3W7ZTDPM4JWsRjW17Lf_p2NkqPWW5x4RZt1kHgfZW2wJGL96y2wxgW3fXzrz8XPYbbW1230TB2Wlmn1W7sHkp34ZYM5GW1PN3Nm5B3Xl5W1hMnPx5grcn_W7q5Jps1-yJCFW3Rl1dL6G9hxYW90NMT_6tyvMsW55md-817xv9RW6mj3mm7--HN-W231Zf_1YgBxqVcfpCS4XT02fVVLgHJ18WRSWW2fDCDg49Vk-NW854GGB4t5D6MW6PjWkn6MfNYfVChrGW1Sr_NwW1xNcv97txXpRW7jVJ4T5BTJN-W4HgQSZ7s6pt8W9fm1sZ1dXr3jW3JKZTX2dZGv1W2BDsD016B5MqW4Yr73l1QCxWLW4qlv_B2c41VzW5Km1F01J03yJW2-b0L38GNG0vW4CwMKv1G0fwRV9pg3V36T4j7W1KP61K3k0gtJW7h1XFr2Z3R2fW8jCs083YgGC7W3_40YZ1FcszWVZWyGN512lPkW18CGxb4dJDpFVBfK_h6Xn06gN45q_Jnn-fz8W8sTK0t7XydxjVNC8vY6lnd_lW8vsYDS3l1CX9W5Q4HQm3SRbc1W85n9Q44t93f6W2ygjny6bTCDJW7whtw248lprKW60T63S7VzBKyW4zDTtX9c92FrW7KS-6s8HH46cW9lCbd329xJ2QW4qK1cB90tJsGN2_YS34zry6Pf7Wy_JK03

Response headers

status: 200
date: Thu, 13 Feb 2020 21:31:17 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d0559c8ae7bb993aaa424f5a3170ee6a91581629476; expires=Sat, 14-Mar-20 21:31:16 GMT; path=/; domain=.www.cybereason.com; HttpOnly; SameSite=Lax __cfruid=1cd6eb4098b5948950752b7e09fb558abaf2de17-1581629477; path=/; domain=.www.cybereason.com; HttpOnly; Secure; SameSite=None
cf-ray: 5649e8868b692488-FRA
cache-control: s-maxage=120,max-age=5
link: </hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css>; rel=preload; as=style
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-25537919171,P-3354902,L-14460236224,L-17583002703,L-5467046824,CW-14462747638,CW-17578879074,CW-6216123918,E-5348736541,E-5350539849,E-5350675680,PGS-ALL,SW-0,SD-2,B-5272851739
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hs-cache-config: BrowserCache-5s-EdgeCache-120s
x-hs-content-id: 25537919171
x-hs-hub-id: 3354902
x-powered-by: HubSpot
x-trace: 2BE85897AB90BE4900C4AAA2439C3A5E6B1592A06EB102D809FD407B2201
server: cloudflare
content-encoding: br
cf-h2-pushed: </hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css>

Redirect headers

status: 301
date: Thu, 13 Feb 2020 21:31:16 GMT
set-cookie: __cfduid=da748d674deee508d9b41c2d1df363abe1581629476; expires=Sat, 14-Mar-20 21:31:16 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax
x-trace: 2B2457F9206FB2973C8DFBC4297FC8B4B4C4E3023C000000000000000000
expires: Sat, 01 Jan 2000 00:00:00 GMT
location: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-robots-tag: noindex, follow
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 5649e8830a2f0ebb-FRA

GET
H2 200 combined-css-e55ddf6f2bf7e283892d58214e13b194.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/ 353 KB
45 KB 62ms
0ms Stylesheet
text/css 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64b3a0505df97efe5e5fc6797bd62f9f9bbc7786f64453524fcb750dfb806230

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 1095
cf-ray: 5649e8882fe02488-FRA
status: 200
x-amz-request-id: 8D7D8786861322AF
x-amz-id-2: A+FDwq3ZslxLGGI+6gcdbyDcVYAAVjtKryPKUzV1F9d8iLGbMZgxfeq/rcRwQW8Tm8kVdN46Wtg=
last-modified: Thu, 13 Feb 2020 19:40:12 GMT
server: cloudflare
etag: W/"e55ddf6f2bf7e283892d58214e13b194"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 5XY.8LN9jIVI2M20QPORjmyNlTs8fVx0
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
content-type: text/css

GET
H2 200 jquery-1.11.2.js Show response
www.cybereason.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
32 KB 37ms
35ms Script
application/javascript 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 27eb501c8caff149895f88cac34554af.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 564668
cf-ray: 5649e888484e2488-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: smWoIpZoOcIg9a9aUkpWdUz5Q3jcHFhMyd1DSPpQfsLerYdrugMAFw==

GET
H2 200 vyv2ljd.js Show response
use.typekit.net/ 20 KB
8 KB 93ms
38ms Script
text/javascript 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vyv2ljd.js

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-67-47.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cd7908a80313043ae934d5f599a062460c50f94370cee5dc092e0cb9b8d123ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Thu, 13 Feb 2020 21:31:17 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7640

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 43ms
41ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

b1e43308ad37fba80d03dac9a497a96febac77a457711dab836dcf12efb80cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9855
x-xss-protection: 0
server: cafe
etag: 7067135177091508594
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Feb 2020 21:31:17 GMT

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 181 KB
55 KB 22ms
8ms Script
text/javascript 2a02:26f0:6c00:2bf::25eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::25eb , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Play /
Resource Hash: 7a5157ea032f2c5ec7a28fd56804a7046168188f1f5eac557f9a2a402ab3fa29

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 21:31:17 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-CDN: AKAM
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
X-Li-Pop: prod-eda6
X-LI-Proto: http/1.1
Content-Length: 55596
X-LI-UUID: HA7DRK0Q8xWQiNFh9CoAAA==
X-Li-Fabric: prod-ltx1
Expires: Thu, 13 Feb 2020 21:37:10 GMT

GET
H2 200 cybereason-custom.js Show response
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/5350539849/1569776480490/Custom/page/web_page_basic/ 5 KB
2 KB 33ms
31ms Script
application/javascript 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/5350539849/1569776480490/Custom/page/web_page_basic/cybereason-custom.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa333db2175837df41125b50f0c0169c55f919427ee2c6992e2566948e9e518

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 637
cf-ray: 5649e888484f2488-FRA
status: 200
x-amz-request-id: F2C3858ED0C4821B
x-amz-id-2: uFANtJt21qLbKxYPnLI6kb3sG8jXcXTKDVWlf3zc70cgCWUu4iMK0qJEX6qIWICZfJv68z2G5YU=
last-modified: Sun, 29 Sep 2019 17:01:21 GMT
server: cloudflare
etag: W/"5ef74fad1c1382e5acb9ca424910aae0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: QSLj7gaEL7IC2nt4kS1_hdFjsekt2ki6
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
content-type: application/javascript; charset=utf-8

GET
H2 200 readingTime.js Show response
cdn.rawgit.com/michael-lynch/reading-time/4255f585/src/ 7 KB
2 KB 63ms
20ms Script
application/javascript 151.139.237.11
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/michael-lynch/reading-time/4255f585/src/readingTime.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

6872a6c9c2a917ceeb92fefd3ef73cee7402a56689e1dbddf743b0aaa9e654c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2340
cf-ray: 50f0a2dbbf9dc85f-AMS
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
sunset: Tue, 01 Oct 2019 00:00:00 GMT
rawgit-cache-status: MISS
server: NetDNA-cache/2.2
etag: W/"56c9e3f737fa6f093a52c954565840d65fba231a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315569000, immutable
x-robots-tag: none
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

GET
H2 200 slick.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 87 KB
15 KB 32ms
31ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 565990
cf-ray: 5649e8884c772760-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:25:37 GMT
server: cloudflare
etag: W/"5afd4a91-15b7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 02 Feb 2021 21:31:17 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.002

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 24ms
23ms Stylesheet
text/css 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 569088
cf-ray: 5649e8884c762760-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 02 Feb 2021 21:31:17 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 LOGO-Web-Owl-Mono-Copy.png
www.cybereason.com/hs-fs/hubfs/ 4 KB
5 KB 28ms
27ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/LOGO-Web-Owl-Mono-Copy.png?width=306&name=LOGO-Web-Owl-Mono-Copy.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6561b2dd1e1b0f9b2f678dfd01a29e1174ec8ac628405a546e42b717a2d3388b

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 4638ed8bcd9a9c4a4ffe655049a6e058.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 172326
cf-polished: origFmt=png, origSize=8547
edge-cache-tag: F-6694579067,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="LOGO-Web-Owl-Mono-Copy.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 4120
x-cache: Miss from cloudfront
last-modified: Mon, 03 Dec 2018 23:05:56 GMT
server: cloudflare
etag: "272c915f8898375baf0a61f20d6a437c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C3
accept-ranges: bytes
cf-ray: 5649e88848512488-FRA
x-amz-cf-id: T_wKYVPFlgBKttHH3lvZIIlV45QTYUC4APEB1399hAfC-XGvNFIVNw==
cf-bgj: imgq:85

GET
H2 200 CR%20Logo%20copy.png
www.cybereason.com/hs-fs/hubfs/Cybereason%20Logos/ 2 KB
2 KB 34ms
33ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Cybereason%20Logos/CR%20Logo%20copy.png?width=228&name=CR%20Logo%20copy.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4aeba3c62a91ed236d5acdc5ea52f5e051801379d306817ad8f4c850e550d2a

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c307613fe3146dad6950808dc74f82f6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 172326
cf-polished: origFmt=png, origSize=3695
edge-cache-tag: F-6696434934,FD-5166594488,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="CR%20Logo%20copy.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 1838
x-cache: Miss from cloudfront
last-modified: Tue, 04 Dec 2018 06:42:08 GMT
server: cloudflare
etag: "23310787edb9779a8e7eaeb7b306639b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e88848532488-FRA
x-amz-cf-id: PCqegQUClcqg99j4BwC-3ipa-WzV3vBe5t_Im8owBX58wTAIy0jdEQ==
cf-bgj: imgq:85

GET
H2 200 cr-owl-logomobile.png
www.cybereason.com/hs-fs/hubfs/Cybereason%20Files/images/ 5 KB
6 KB 23ms
23ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Cybereason%20Files/images/cr-owl-logomobile.png?width=220&name=cr-owl-logomobile.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6e3510af52bd4c550e719eef6ae49cfd1ff4be530c8240b4c8233a2860747d

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 7b32163caf7e91fe96df7bbeaa58c0f9.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 172323
cf-polished: origFmt=png, origSize=9128
edge-cache-tag: F-6598017767,FD-5348774744,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="cr-owl-logomobile.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 5558
x-cache: Miss from cloudfront
last-modified: Fri, 23 Nov 2018 19:10:03 GMT
server: cloudflare
etag: "766b51e70e55d99809346026aba1e8ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e888d9eb2488-FRA
x-amz-cf-id: bJR5Kxyk4qE8Tm-Q0MPgP5ZctqhA6LggWYXSVhAvLc21kEJLSDVwSg==
cf-bgj: imgq:85

GET
H2 200 cr-nav-platform-cta-sm.png
www.cybereason.com/hubfs/Award%20Logos/ 45 KB
45 KB 57ms
51ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/Award%20Logos/cr-nav-platform-cta-sm.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d111c83d2520fd8d1ec059493162072af6e97b725aa4b56eb846f09a01f8e9c

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-19074217591,FD-5876486557,P-3354902,FLS-ALL
age: 7199
cf-polished: origFmt=png, origSize=49423
edge-cache-tag: F-19074217591,FD-5876486557,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="cr-nav-platform-cta-sm.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 52
x-amz-request-id: 99CF5EB5330C54D4
x-amz-id-2: pxgujia/zvXePEhCCPbGT5wLYdQTRTn3LTSNYRfwtHtdODob/eOC5JET+DQYNmSsF30PyGC7UYw=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Wed, 23 Oct 2019 18:39:48 GMT
server: cloudflare
etag: "954ec251009f855ca41c27fb77257c50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1209600, max-age=1209600
x-amz-version-id: mzDN6bdznDFNk4FUdOIJrHxzn9JFsv4o
x-amz-cf-pop: FRA6-C1
content-length: 45704
cf-ray: 5649e8890a742488-FRA
x-amz-cf-id: vTHw_7MYBmC9sXhNCGfTMzeFaOXX_jmgr1zOrQEwJFiwjmhXORSBXg==
cf-bgj: imgq:85

GET
H2 200 image9-10.png
www.cybereason.com/hs-fs/hubfs/ 4 KB
4 KB 46ms
39ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image9-10.png?width=633&name=image9-10.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26fa2ba123efa3364c194ae18055734ad310789537c1eb2e605aebbf7599956d

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 5195de19cbc5ce842ac6538e9a6850cb.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57765
cf-polished: origFmt=png, origSize=8648
edge-cache-tag: F-25561450057,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image9-10.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 3974
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 19:47:51 GMT
server: cloudflare
etag: "43cd8a094314bee47d9d8b86b68f8925"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e8890a752488-FRA
x-amz-cf-id: XEKSA3ZgHLzfFn0eHD6KcBL_mQ03yvP9vVdNRub6pbzxsZuWmPiBtg==
cf-bgj: imgq:85

GET
H2 200 image1-21.png
www.cybereason.com/hs-fs/hubfs/ 15 KB
15 KB 48ms
41ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image1-21.png?width=636&name=image1-21.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5199e0f25a98dd7b6b491196c24bb9e0a060dd7793c6d31d4243db14c6925e6c

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c35f767218cbd1125d801b52fa785c8d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 16425
cf-polished: origFmt=png, origSize=33607
edge-cache-tag: F-25561449034,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image1-21.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 15392
x-cache: Miss from cloudfront
last-modified: Thu, 13 Feb 2020 16:35:14 GMT
server: cloudflare
etag: "0409817b8265584ccde6f01563de95ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C3
accept-ranges: bytes
cf-ray: 5649e8890a762488-FRA
x-amz-cf-id: z8KD4l129KmJwoB8S92NlQQKT_HJODHuoU36phVIvd_yGES_YV87Ew==
cf-bgj: imgq:85

GET
H2 200 image20-7.png
www.cybereason.com/hs-fs/hubfs/ 8 KB
9 KB 31ms
25ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image20-7.png?width=638&name=image20-7.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aac17f4657bb755e2a22811d18ce321f796b0451678625f98222c7bbc6519231

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c5bb940b2890383b4ca2d8b74b68699a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57765
cf-polished: origFmt=png, origSize=19992
edge-cache-tag: F-25564497720,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image20-7.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 8564
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:18:24 GMT
server: cloudflare
etag: "d900ea63f7418e4689730a7b9fc079eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e8890a772488-FRA
x-amz-cf-id: n6PLb_jUy3oQngGqqkSzUcLUjAqRCappA3t85ZTAWaQsd8BkeycxIg==
cf-bgj: imgq:85

GET
H2 200 image19-7.png
www.cybereason.com/hs-fs/hubfs/ 7 KB
7 KB 41ms
35ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image19-7.png?width=637&name=image19-7.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e26fd168997ef8e32fb67cb993020aeead8c554c34c745605dbe313b45addfb

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c5bb940b2890383b4ca2d8b74b68699a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57764
cf-polished: origFmt=png, origSize=16732
edge-cache-tag: F-25561518523,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image19-7.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 7042
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:18:25 GMT
server: cloudflare
etag: "0e36790f1762b4e37290e146584d84fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e8890a782488-FRA
x-amz-cf-id: D5CYXetMlOBDBtbCV4h2MV3H2DS3Flfgb0MNmBuzM5egJHjIofZK3g==
cf-bgj: imgq:85

GET
H2 200 image5-13.png
www.cybereason.com/hs-fs/hubfs/ 98 KB
98 KB 34ms
28ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image5-13.png?width=628&name=image5-13.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2caf2b50b9deeac31f6fc4a09ee5fc0fdd927d88f6a00837afe0a42a519e506

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 ef6762d67d012a06d2761f42352c9e53.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57764
cf-polished: origFmt=png, origSize=162844
edge-cache-tag: F-25564497813,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image5-13.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 100418
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:18:25 GMT
server: cloudflare
etag: "eb75017580ab50194b3db87a2029329e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e8890a7a2488-FRA
x-amz-cf-id: gOlHa8zNhQmjCs1uzMPCFode_2vHPCNKjdmkM79w_3lTHNIS8x5Ryw==
cf-bgj: imgq:85

GET
H2 200 image24-5.png
www.cybereason.com/hs-fs/hubfs/ 35 KB
36 KB 56ms
49ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image24-5.png?width=628&name=image24-5.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76384b3223d6e28aa3ae51c736e87c28533fde7da4898becc0fbee971fe9df27

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 f88487c9214731db4c82619c9183bf7b.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57764
cf-polished: origFmt=png, origSize=74179
edge-cache-tag: F-25563900686,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image24-5.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 35930
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:18:26 GMT
server: cloudflare
etag: "1e09164ca35cf21fe870eb025d257b0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e8890a7b2488-FRA
x-amz-cf-id: mzAWPfiqpxPkDi6ygvk5UZy0HcN8W8bfs7fuSHrpH3MBJwyMvO8THQ==
cf-bgj: imgq:85

GET
H2 200 image12-10.png
www.cybereason.com/hs-fs/hubfs/ 14 KB
14 KB 44ms
38ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image12-10.png?width=640&name=image12-10.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5ab03df13acd27d9b42841414e14128cc4e3c222ec31e5e139e6f7bfa8ac42

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 936f33bed45438343f0ef2adff442815.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57764
cf-polished: origFmt=png, origSize=21642
edge-cache-tag: F-25561518668,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image12-10.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 14010
x-cache: Miss from cloudfront
last-modified: Tue, 11 Feb 2020 16:07:30 GMT
server: cloudflare
etag: "f9d223c3cd428995170c82eee328d006"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e8890a7e2488-FRA
x-amz-cf-id: aZGvGn1nsF3asFYrysd1vwyS2WQMR6qSl6kFc0HBEkok-0u9rHS1qA==
cf-bgj: imgq:85

GET
H2 200 image14-11.png
www.cybereason.com/hs-fs/hubfs/ 26 KB
26 KB 35ms
29ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image14-11.png?width=615&name=image14-11.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922ac633a666a606910b428245f241d6467a79ced3879b6ed63f00def07f0111

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 f88487c9214731db4c82619c9183bf7b.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57763
cf-polished: origFmt=png, origSize=51657
edge-cache-tag: F-25563703532,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image14-11.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 26360
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:18:26 GMT
server: cloudflare
etag: "8c3d1eb93a6fec2928bab72dd2784163"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e8890a7f2488-FRA
x-amz-cf-id: vRFI-jB6k5LYy9stLYoKvud_jLQOvfEscNzAPY1_ZuiltyRhZsTzWg==
cf-bgj: imgq:85

GET
H2 200 image17-8.png
www.cybereason.com/hs-fs/hubfs/ 52 KB
53 KB 38ms
32ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image17-8.png?width=600&name=image17-8.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b93897776342fd32649389db6380c01876c03b6b9b6ac5c5e8853530aca6e1d

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 09e7a54b3c0e42cf23f1deb97f4f6b95.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57763
cf-polished: origFmt=png, origSize=73848
edge-cache-tag: F-25563900885,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image17-8.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 53596
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:18:25 GMT
server: cloudflare
etag: "65dbe71591c20b09c9c14fe85ee38882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e8890a802488-FRA
x-amz-cf-id: H42FzNu7Uc7mZoNZeoHPzdteyE7nPIATiLUpblcV8NFtMjJ1Pa6G0g==
cf-bgj: imgq:85

GET
H2 200 image7-11.png
www.cybereason.com/hs-fs/hubfs/ 11 KB
11 KB 69ms
63ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image7-11.png?width=630&name=image7-11.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45a229d8ccd90ad1ae8896f5ba6089185bf455a59dd882e495371caae7b792da

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25564498084,P-3354902,FLS-ALL
age: 105539
cf-polished: origFmt=png, origSize=42230
edge-cache-tag: F-25564498084,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image7-11.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: 1DEB586C31FC2D2B
x-amz-id-2: ryQ7HmO5nKE6rlEKNDe1eO+TeCWrRzsEm0VMpwcC60ntc2N7P+P2/jxPf1aTKj33mDqQOzSXz38=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Mon, 10 Feb 2020 20:14:45 GMT
server: cloudflare
etag: "99d1640255455449a1b1b1344340641d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: fpDV.KkYWj1Tf9JDhiP1RN86chPNsVSE
x-amz-cf-pop: FRA6-C1
content-length: 10838
cf-ray: 5649e8890a812488-FRA
x-amz-cf-id: PVJkBrbVlzVvUEVtAi27aqFHcgrun1WznGl6oJEvwJ3XDqfP_Nq_2g==
cf-bgj: imgq:85

GET
H2 200 Decompiled-Autoit-script.png
www.cybereason.com/hs-fs/hubfs/ 22 KB
23 KB 62ms
56ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Decompiled-Autoit-script.png?width=637&name=Decompiled-Autoit-script.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61a36ebdc4403cb02d2b3cfb7ebfc547a91e753812a1730f5d46832d91107f9

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25563901360,P-3354902,FLS-ALL
age: 105539
cf-polished: origFmt=png, origSize=96720
edge-cache-tag: F-25563901360,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="Decompiled-Autoit-script.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: FFEF0724E2D951A4
x-amz-id-2: WAe1liJzAIaNBEDREKdaPbdcdX5QkYnY3zhU3L2cCae2XcmpYd4XNqRU6DYqm23xQeLX0FCmjlc=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Mon, 10 Feb 2020 20:23:18 GMT
server: cloudflare
etag: "8e565bde7c377986b346e8dd7cf27703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: E_dbR0Whk7yBb.80V29W_D0Hzpdwi9gL
x-amz-cf-pop: FRA6-C1
content-length: 22594
cf-ray: 5649e8890a822488-FRA
x-amz-cf-id: dYG_rskL7kfrs8Ek8Vn_opftkpT0Rcm87IIrv7IBF-betsKqaq4f8A==
cf-bgj: imgq:85

GET
H2 200 image23-4.png
www.cybereason.com/hs-fs/hubfs/ 4 KB
5 KB 74ms
68ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image23-4.png?width=632&name=image23-4.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6643ad3856db5a4b76ee71ca3af264d6dccc33eebd76aa7b83c78b620c280a6

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 530b01c2c88db2b27d295e2504b501cb.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57761
cf-polished: origFmt=png, origSize=6381
edge-cache-tag: F-25563704129,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image23-4.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 4538
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:24:30 GMT
server: cloudflare
etag: "b889752f3d10d2108d2bd0646e43a710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e8890a832488-FRA
x-amz-cf-id: fHeHKhnyNcGvJckRTZWNshEv064pb4282X9o7962FopPL_gFTUKeiw==
cf-bgj: imgq:85

GET
H2 200 image3-16.png
www.cybereason.com/hs-fs/hubfs/ 163 KB
164 KB 51ms
45ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image3-16.png?width=625&name=image3-16.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc46b8d765c072ee83b36a1d63edd7b06e472d2897f1a115ec0145d24502ea3

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c8c9787916110356915bbdbddd0a32d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57761
cf-polished: origFmt=png, origSize=272515
edge-cache-tag: F-25563901517,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image3-16.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 167046
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:51:39 GMT
server: cloudflare
etag: "8b76fa9559f1d7114a831a6de96cecb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e8890a852488-FRA
x-amz-cf-id: WKQfNE3ink-axSzEWJaPvto5Jj2S_Htyf_ZSVAZABeMdxjPiwnVLsg==
cf-bgj: imgq:85

GET
H2 200 image25-2.png
www.cybereason.com/hs-fs/hubfs/ 26 KB
26 KB 64ms
58ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image25-2.png?width=630&name=image25-2.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc80135916185e92f44b5ef3841b12a77c2319ad5b7cb406775bd371a97152b

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 041a4887d523cabe8177e269cc358163.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57760
cf-polished: origFmt=png, origSize=50445
edge-cache-tag: F-25563704241,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image25-2.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 26464
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:51:40 GMT
server: cloudflare
etag: "c0a4c3da74cea62c9084a3a10db131e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e8890a872488-FRA
x-amz-cf-id: rllcK7fhqbXSozQRclI72y-qW2a_3Fp96eFeqUO9B6LxkoZHPLKgbA==
cf-bgj: imgq:85

GET
H2 200 image6-11.png
www.cybereason.com/hs-fs/hubfs/ 24 KB
24 KB 65ms
59ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image6-11.png?width=624&name=image6-11.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ecafab6d1fefff67569e003abe4ad03781f616120f68c4a00207f1c62ac7401

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 1448f69604d5be1f9c9f0c64cfa90595.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57760
cf-polished: origFmt=png, origSize=41408
edge-cache-tag: F-25563901632,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image6-11.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 24276
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:51:37 GMT
server: cloudflare
etag: "1e0c090a2db6ad87fd1ae01890efc263"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e8890a892488-FRA
x-amz-cf-id: hYQ1fAw__wzOUEq8UOlNgoNdiAR6dQdxfSSmt4-Vv9AVXpOgwY71wg==
cf-bgj: imgq:85

GET
H2 200 image8-13.png
www.cybereason.com/hs-fs/hubfs/ 24 KB
24 KB 33ms
27ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image8-13.png?width=597&name=image8-13.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a310a56bdcf42c4addf125bbe22aeddff32a257d3101d3347486c7ba044be2d

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 48c70f7a0c91fc5e8cb64d6c71ad9827.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57760
cf-polished: origFmt=png, origSize=42118
edge-cache-tag: F-25563871829,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image8-13.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 24096
x-cache: Miss from cloudfront
last-modified: Wed, 12 Feb 2020 18:18:44 GMT
server: cloudflare
etag: "0273497a406a813e2c4ed091801bc07c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e8890a8a2488-FRA
x-amz-cf-id: n3W1P7-H2ji0wGSDNGRvDnFUHNx01OgFK9kazAk9XsAAuz7ixEwwRQ==
cf-bgj: imgq:85

GET
H2 200 image16-7.png
www.cybereason.com/hs-fs/hubfs/ 14 KB
14 KB 52ms
46ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image16-7.png?width=600&name=image16-7.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca28f8a79a5360bcf85ba9ea86068db7f6ed8301f8a2585e0edb7fe25e903a7

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25570824764,P-3354902,FLS-ALL
age: 57759
cf-polished: origFmt=png, origSize=36404
edge-cache-tag: F-25570824764,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image16-7.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: 9D8F7247537FA6B9
x-amz-id-2: /QMONlCSLc3lbVmEIpNehpjlvM63uEnlURNnTyqTdWOU5EPJRnCqm9UIjvCqbpV3X1qQczm+IJ8=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Mon, 10 Feb 2020 20:30:13 GMT
server: cloudflare
etag: "c77239964245dbe68701e24ae0a7f68a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 3_4_DSQUTchhJAeEfU80YEc4Vd.WeP45
x-amz-cf-pop: FRA53-C1
content-length: 13936
cf-ray: 5649e8890a8b2488-FRA
x-amz-cf-id: bVjqFsmtjmoISKLcAyIXKZ8SKiQdsTXemD1FYoNQRsJTMJ2wCk0Bvg==
cf-bgj: imgq:85

GET
H2 200 image10-10.png
www.cybereason.com/hs-fs/hubfs/ 15 KB
16 KB 57ms
51ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image10-10.png?width=618&name=image10-10.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7214a638288d8a9825f5d836eac45df9725b37e94ea12c89dbf2182376d606d9

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25564035984,P-3354902,FLS-ALL
age: 57759
cf-polished: origFmt=png, origSize=38406
edge-cache-tag: F-25564035984,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image10-10.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: 3889A2E9E279FF13
x-amz-id-2: NnhjsrBewhKaoFh6KGQ8blV18LaA4NIgC2nvh0Iw60gnP0haSPGB7vNO4jIDIIvHk5tvUo59JTc=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Mon, 10 Feb 2020 20:31:25 GMT
server: cloudflare
etag: "ccfecce5cdb13e17211b5648402c8c1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: ylbLYbVUCc1GkwY9.hgm2HNXVsEct7Ok
x-amz-cf-pop: FRA53-C1
content-length: 15394
cf-ray: 5649e8890a8d2488-FRA
x-amz-cf-id: VUjFq12e82DJWeXx9963pyN_hnyvfpzdc-vwZee3ooBs1gyBPblgHA==
cf-bgj: imgq:85

GET
H2 200 image15-10.png
www.cybereason.com/hs-fs/hubfs/ 18 KB
18 KB 54ms
49ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image15-10.png?width=600&name=image15-10.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1b028c30b6b268b17673f369cc56a05c55ea6f23f9847538876dd160bfeb427

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25564036041,P-3354902,FLS-ALL
age: 57758
cf-polished: origFmt=png, origSize=46874
edge-cache-tag: F-25564036041,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image15-10.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: 1C9F055F68BFF0CB
x-amz-id-2: r7jcHkX8vWFuzRoUl/RqjOlx9NR9JQ61lTnXEPh/mMkrZvbADll93H2Mx0xR3b5OpfUaMFb4T3A=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Mon, 10 Feb 2020 20:31:53 GMT
server: cloudflare
etag: "38133ec2eab4d18dca0a4d77847e7939"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: sxEEuFmu3_EECPw5aIn5goa3tYWl2Qb0
x-amz-cf-pop: FRA53-C1
content-length: 18358
cf-ray: 5649e8890a8e2488-FRA
x-amz-cf-id: PO0wTl-EkyYhDjw-YF7v1NMTLsCIqb5f3xr2_wZJzd2xN3-isvh94g==
cf-bgj: imgq:85

GET
H2 200 image23-5.png
www.cybereason.com/hs-fs/hubfs/ 4 KB
5 KB 50ms
44ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image23-5.png?width=428&name=image23-5.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46474002c6d62e77768766489c209b0ba80707d4d7e788e12eeeda6add14ce80

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 9acd372742573b89975d7dceea2dc950.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57757
cf-polished: origFmt=png, origSize=5946
edge-cache-tag: F-25782980533,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image23-5.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 4530
x-cache: Miss from cloudfront
last-modified: Wed, 12 Feb 2020 18:59:54 GMT
server: cloudflare
etag: "f2e835e128a9d5fcb7328b0134d4994f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e8890a902488-FRA
x-amz-cf-id: W0LTFxgAbqcxFnOTRLtciM7ghql9mpPVsvmNpgubzMj3IUzt5bUmtA==
cf-bgj: imgq:85

GET
H2 200 image13-13.png
www.cybereason.com/hs-fs/hubfs/ 26 KB
26 KB 35ms
30ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image13-13.png?width=600&name=image13-13.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a576cd1375a7005f4b2f60f24cc9856c6067a15d07dbab0edf09e0d44ca8ff2

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 4b0f0fc4315eea23426f6074a7254a8d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57757
cf-polished: origFmt=png, origSize=37004
edge-cache-tag: F-25782986011,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image13-13.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 26136
x-cache: Miss from cloudfront
last-modified: Wed, 12 Feb 2020 19:06:11 GMT
server: cloudflare
etag: "7a017f7f861cca5b4f19bbfef97d2a08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e8890a922488-FRA
x-amz-cf-id: x9cxy9YawmyzxF9Jc03Tp-VYT3l1fjE6ZDuhOp27mzO6VSSOegpBhQ==
cf-bgj: imgq:85

GET
H2 200 image18-7.png
www.cybereason.com/hs-fs/hubfs/ 16 KB
17 KB 46ms
41ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image18-7.png?width=600&name=image18-7.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ad79a56c42c69c4e830593af7421ddbac8a0606457e6e1909bf854bc06b37e9

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25564036063,P-3354902,FLS-ALL
age: 57756
cf-polished: origFmt=png, origSize=33129
edge-cache-tag: F-25564036063,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image18-7.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: 814AC7BB87E3802C
x-amz-id-2: dV9mf+1Hu4yOezlUJ/Nc2PFoelvxDVgoBaHYKdraSkzhswM9TiJrPHHchfjpCjmXF5ir6A08L5k=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Mon, 10 Feb 2020 20:32:25 GMT
server: cloudflare
etag: "0a14dec8deda7cbc3deec6b35738fd36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: _DL2zg8vSkUd7cJ29dxQrXutAJqsR4pK
x-amz-cf-pop: FRA53-C1
content-length: 16392
cf-ray: 5649e8890a932488-FRA
x-amz-cf-id: kUHwMvv-_HAELxNcqZf1OxgaMLlvFtglwbtFLLRH2PC1KJK6PZJ80Q==
cf-bgj: imgq:85

GET
H2 200 image4-12.png
www.cybereason.com/hs-fs/hubfs/ 30 KB
30 KB 63ms
58ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image4-12.png?width=600&name=image4-12.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ada0c4eaa697a93621e450310b90732e6547fd6c8339d4d73a949ea67130aff

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25563902306,P-3354902,FLS-ALL
age: 13870
cf-polished: origFmt=png, origSize=117159
edge-cache-tag: F-25563902306,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image4-12.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: 9426EC151736B254
x-amz-id-2: EwHe6fGq1Oy75t3zVr5WBRrWwIKZPYiHsqKEAJo/jY0gp9ZX5OvB2FKxpZJRlK611MM6dAcnJEs=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Mon, 10 Feb 2020 20:40:05 GMT
server: cloudflare
etag: "81296281d0460fc114ca0040c8c74121"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: wH06msKDXSsY2zCympoJCbezp4l.xz7N
x-amz-cf-pop: FRA53-C1
content-length: 30360
cf-ray: 5649e8890a982488-FRA
x-amz-cf-id: KeOSNohwhhtg22wTU4Rtge73pnLYMMSy-hizR7u4MbamTxhgCTXF6g==
cf-bgj: imgq:85

GET
H2 200 image14-13.png
www.cybereason.com/hs-fs/hubfs/ 7 KB
8 KB 62ms
57ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image14-13.png?width=674&name=image14-13.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eeabb79b5d8cb89def68bf696e346a7a418755694e786792e06feaa087db04d

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25782908528,P-3354902,FLS-ALL
age: 58431
cf-polished: origFmt=png, origSize=18682
edge-cache-tag: F-25782908528,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image14-13.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: D32B89FE2949B6D8
x-amz-id-2: mFeHgoGlBx+I6M1BaXhXdfWj058jAhyyzdlfu2CRVqP+trni4sTduYTE64vtlH1U0VzIqdbn1Us=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Wed, 12 Feb 2020 19:04:36 GMT
server: cloudflare
etag: "fc0598ed2e15d1488a5e28ee7ec3bc94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: VaqodIE63KwyxBojnLl9ZS00JAWwigDg
x-amz-cf-pop: FRA2-C2
content-length: 7228
cf-ray: 5649e8890a992488-FRA
x-amz-cf-id: KF1DkSMYEb_0hD0_9p1OsZ8g3W-EYodEF8dJiUEXf6zZbMWREXRJvA==
cf-bgj: imgq:85

GET
H2 200 image13-11.png
www.cybereason.com/hs-fs/hubfs/ 45 KB
45 KB 36ms
31ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image13-11.png?width=600&name=image13-11.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc9c929ac66be4caffcbed19daa29a2e3f4b4258207c46934dd472cddf90977c

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 d1cde188ada6755fe03b8541b71fce4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57754
cf-polished: origFmt=png, origSize=89894
edge-cache-tag: F-25570825717,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image13-11.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 46102
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:51:37 GMT
server: cloudflare
etag: "6480580025aaecdc560289160c93d248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5649e8890a9a2488-FRA
x-amz-cf-id: 2zG_Ty6HVZI22s-YMdvD4xSmKR_piCXPvCJ03kEK3bO_Q-j9B4gtBw==
cf-bgj: imgq:85

GET
H2 200 image11-9.png
www.cybereason.com/hs-fs/hubfs/ 11 KB
12 KB 55ms
50ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image11-9.png?width=600&name=image11-9.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f856a029de565af77bb835d656aa0d8906e2cc6f5e20b0e2f24b4c4d2e71ea

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c37f72766931ae9c3f146ffa54018d1c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57754
cf-polished: origFmt=png, origSize=23746
edge-cache-tag: F-25570825762,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image11-9.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 11648
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:51:37 GMT
server: cloudflare
etag: "05bf9faa1a4775b82859fd17db7bee1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e8891a9b2488-FRA
x-amz-cf-id: sFQMplJSH5NsOPtD3_jwncNUBSA5r7zin2HzQF2wsx1FlNJTmi6qkg==
cf-bgj: imgq:85

GET
H2 200 image21-7.png
www.cybereason.com/hs-fs/hubfs/ 8 KB
8 KB 37ms
32ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/image21-7.png?width=224&name=image21-7.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d37d0311412e4f435e69f22b2d4b6e5a00d93b13f333a0eb262156359271d0f

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 09e7a54b3c0e42cf23f1deb97f4f6b95.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57753
cf-polished: origFmt=png, origSize=9619
edge-cache-tag: F-25565882711,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="image21-7.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 7796
x-cache: Miss from cloudfront
last-modified: Mon, 10 Feb 2020 20:50:43 GMT
server: cloudflare
etag: "006a7a6291bddc4079fbc8038b5faf23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
accept-ranges: bytes
cf-ray: 5649e8891a9e2488-FRA
x-amz-cf-id: 1r1i-FCz0aKaVrh10avq2D0alA1CafPNRck1QQy8FdWvfTzo5R5u5g==
cf-bgj: imgq:85

GET
H2 200 soc-blue-fb.svg
www.cybereason.com/hubfs/Cybereason%20Images/ 2 KB
1 KB 52ms
48ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/Cybereason%20Images/soc-blue-fb.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b71a982dad86829660cef46a0467ecf81c34576eece4b297126a552902ef543c

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5470665926,FD-5168280605,P-3354902,FLS-ALL
age: 173206
edge-cache-tag: F-5470665926,FD-5168280605,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-encoding: br
x-amz-request-id: C6A1C5DC7EDCCDFA
x-amz-id-2: 8gLqb17yMoCYEDTJ1z/QX47zUYt2SVA/CGiH7o7xNxcOtVuBE1/DfTRbuaMcCiDtJ3aeEJVaGYw=
last-modified: Fri, 08 Dec 2017 19:35:35 GMT
server: cloudflare
etag: W/"6a18b1cc988c1076e049cda4cbcd4153"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: kKljKdFH3buDh02hr4JKseZqGd9UNmJC
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891a9f2488-FRA
x-amz-cf-id: ZOQdlKKFALiSw-0-EU16XV2NtxUdZUmo21cZLPVg0UTP8hA70kmhXA==

GET
H2 200 soc-blue-tw.svg
www.cybereason.com/hubfs/Cybereason%20Images/ 4 KB
2 KB 43ms
38ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/Cybereason%20Images/soc-blue-tw.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 496f753f7e96c1427cf6e11d9c5f822a5f1f46b3c54b7429df9a195fa8362884

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5470665934,FD-5168280605,P-3354902,FLS-ALL
age: 73312
edge-cache-tag: F-5470665934,FD-5168280605,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-encoding: br
x-amz-request-id: 6297E2C5829C8B56
x-amz-id-2: 2ZqhGTaNfFMSvMytm9ZdpWDSQXrV3Sla+8c6H5ysJqge7TfZO8ps1Gq8YttYm5aDkKCKE+KhcZw=
last-modified: Fri, 08 Dec 2017 19:35:35 GMT
server: cloudflare
etag: W/"0b57c6649a05d662ec7f30d40940f833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: D3IpbdW8RRnzDTspH4xTHYjY3Gw9XB_2
x-amz-cf-pop: FRA2-C1
cf-ray: 5649e8891aa02488-FRA
x-amz-cf-id: f4huVrlMlyRmbtZyuvRE7CTYXK8P34IgV3bG75Sjwklp0VwE1yljFQ==

GET
H2 200 soc-blue-li.svg
www.cybereason.com/hubfs/Cybereason%20Images/ 6 KB
2 KB 49ms
45ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/Cybereason%20Images/soc-blue-li.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d52338fe73e62ffcfa568e9ea399ef0c88783883327b794eace9faa78febf8

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5470665927,FD-5168280605,P-3354902,FLS-ALL
age: 173206
edge-cache-tag: F-5470665927,FD-5168280605,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-encoding: br
x-amz-request-id: D329109A7D6340F2
x-amz-id-2: cydxvVV8l7h7b8h4GdeeArA9Md96O6r09h1ofNHNtOGp4RzsmlYBysG4izmd0t1tVPCh5hgyeyw=
last-modified: Fri, 08 Dec 2017 19:35:35 GMT
server: cloudflare
etag: W/"5e6c5282d1c524efcf53ed15f3d5bfcf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 4hkpKyRa8xBg1y3U4IHwCZVBen9AnWpx
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891aa12488-FRA
x-amz-cf-id: uhbtIfBlUJoZXDKzfLlQxkla3EHqK805twOZEvkNsmgRsMFy6PmxsA==

GET
H2 200 soc-blue-all.svg
www.cybereason.com/hubfs/Cybereason%20Images/ 2 KB
2 KB 45ms
40ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/Cybereason%20Images/soc-blue-all.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebbf16975e8957d1e3b765a49226e95711b30af5852c253906c2f171325949b

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5470665923,FD-5168280605,P-3354902,FLS-ALL
age: 173206
edge-cache-tag: F-5470665923,FD-5168280605,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-encoding: br
x-amz-request-id: 583BF4DA9FD7BE25
x-amz-id-2: vz+jxhk9UnwAC57TKe1TvSlni9963qzGP35beQFSE0e4Fanik7bW5hR3hp6XcazR3QVunJDqX+k=
last-modified: Fri, 08 Dec 2017 19:35:35 GMT
server: cloudflare
etag: W/"9243f0c4bf7f108e60528f8e0d1c316a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 9BhyX.B86mcN2azKUAqRU6M3GLg60M66
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891aa32488-FRA
x-amz-cf-id: gDJDCsUlEvYpZOkRedJmBplyU4SKU-_2lPs-6vJIIi4CHebqpTyJYQ==

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 80 KB
26 KB 33ms
14ms Script
application/javascript 2606:4700:10::6814:6e27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fdc62b86bb13c8c4776c372bf18e06356fed78dc785c2bb7f361be072453056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 44865
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Sat, 01 Feb 2020 08:08:40 GMT
server: cloudflare
etag: W/"13f93-59d7f32b0419d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-ray: 5649e8892ebcd719-FRA
cf-bgj: minify

GET
H2 200 back-to-blog.svg
www.cybereason.com/hubfs/ 1 KB
1016 B 48ms
43ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/back-to-blog.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2432844517e2dd99a05c54b57aac9aac78553489b6111ace7c3d97b826af19ec

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5470517914,P-3354902,FLS-ALL
age: 173206
edge-cache-tag: F-5470517914,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-encoding: br
x-amz-request-id: C1656BB22DCA322E
x-amz-id-2: 3UMHx2YwPnyGDALQJ6fIfHQdnxRiONV6sooGdHAvrg4LUmjm13+blcRPm5hJsF06ypjJHJccdcs=
last-modified: Fri, 08 Dec 2017 21:03:59 GMT
server: cloudflare
etag: W/"f8eec92543191f23fee7ab47394dc947"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: AQqdyWUpAjHHjtN7KvPODBFXJFuM5V8s
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891aa42488-FRA
x-amz-cf-id: DHDVp27Q0Zzsy6DOX1wpxXR3_Dbac53lRklMh7Op5deLMCCyv_WjJQ==

GET
H2 200 cr-logo.svg
www.cybereason.com/hubfs/ 7 KB
3 KB 43ms
39ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/cr-logo.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 173db45379b49d9271f8638f9f80936b5e74671a2bbb8376e394090ae9db931e

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-21223925924,P-3354902,FLS-ALL
age: 6090
edge-cache-tag: F-21223925924,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 52
content-encoding: br
x-amz-request-id: B9852A802F6921C4
x-amz-id-2: EbokLt1NT3eTvxkzzkQwhqmxN1+kzAL8/KV3dMsaPvFzivOazWOTqYuoAt6zGKJeI2NEV2Qe+tY=
last-modified: Thu, 14 Nov 2019 17:13:14 GMT
server: cloudflare
etag: W/"adecc79934699dcf241e9b6f8f8b280b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1209600, max-age=1209600
x-amz-version-id: B.7LxTlHESzhX6SLvf9EJR3NJ0vLM7Ei
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891aa52488-FRA
x-amz-cf-id: Bscfc2k87AxwZrK-vVOH29kGZQdzTpxfaSqmQZbHtXqX4tx9tuYoew==

GET
H2 200 twitter.svg
www.cybereason.com/hubfs/social-icons/ 792 B
995 B 48ms
44ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/social-icons/twitter.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0005cf2627e9e54179f90c78bbf355fccafb3907c4ae9e699bc09c4a57d75bf6

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-21232815295,FD-5415380040,P-3354902,FLS-ALL
age: 6090
edge-cache-tag: F-21232815295,FD-5415380040,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 52
content-encoding: br
x-amz-request-id: 271E2E60DCB62DE6
x-amz-id-2: gHiiZWkF4X8/4VBempeeXpVgES5yfOhIE5K4WjhOR2gxs2qZsHsOaTRmpXJebNjK87SAihWFncc=
last-modified: Thu, 14 Nov 2019 17:24:01 GMT
server: cloudflare
etag: W/"14debb189e620cc0a3c4ea84a614b8d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1209600, max-age=1209600
x-amz-version-id: IMkvHwxtEDDIUOZjgxuxmMpUX.nX82Sy
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891aa72488-FRA
x-amz-cf-id: jrMjODu3AZZXk_lOdW82rsAdmZr8hRjbKLKwApWIHqoCo8MbdSBF2g==

GET
H2 200 linkedin.svg
www.cybereason.com/hubfs/social-icons/ 529 B
912 B 63ms
59ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/social-icons/linkedin.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc1bd4c0666cad8d8af42cf8f26c59bc5535b3d907b4db560c7db627e1e5253

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-21232480017,FD-5415380040,P-3354902,FLS-ALL
age: 4484
edge-cache-tag: F-21232480017,FD-5415380040,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 52
content-encoding: br
x-amz-request-id: B25590D16E6D57E7
x-amz-id-2: Yysjy9jm0eZZwnFTeXb3/l5ZUs1NDVxO52Hcow855pkOxSekf+07wyOFBBXhH/rZW3QvUC9Zbbc=
last-modified: Thu, 14 Nov 2019 17:24:01 GMT
server: cloudflare
etag: W/"847da66019040cba5b0aed254309f083"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1209600, max-age=1209600
x-amz-version-id: b893YG7fG7.uXMP.wuBYwG7bD7IigLB0
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891aa92488-FRA
x-amz-cf-id: 47qGqXorWti_uQI06S-uPshXvuK6jWr4QeNQKZ9QFUv5JyopfdkIdg==

GET
H2 200 youtube.svg
www.cybereason.com/hubfs/social-icons/ 729 B
799 B 53ms
49ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/social-icons/youtube.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 312c7a4e3e547301e162c0bf3a7788cf8d52caf2668fbafc01351c9185b97ce4

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-21232480018,FD-5415380040,P-3354902,FLS-ALL
age: 173205
edge-cache-tag: F-21232480018,FD-5415380040,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-encoding: br
x-amz-request-id: 55A802C32204AFB9
x-amz-id-2: f7xelpoqWWjGKosQvLJ2O2ZRB2ST9NtL/QoeZAIoNNKP8ujynaTWbcFxosk44h5UhP16zY4wpm0=
last-modified: Thu, 14 Nov 2019 17:24:01 GMT
server: cloudflare
etag: W/"8c8a5ac2ddb60a58a59c7236297f35e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: FRY7VN7QoyOabw.AAGUdC1vw3qSDmi_m
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891aaa2488-FRA
x-amz-cf-id: Pbsk0wTKrL2pJ4aMmPohlmIvjmxMEThswt1jzdwc8G25bsHOZgqdLw==

GET
H2 200 facebook.svg
www.cybereason.com/hubfs/social-icons/ 433 B
858 B 72ms
67ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/social-icons/facebook.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b329852f8f537591d001152e26a1b598ef4e4466fa10d859135843c307d5344e

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-21224264479,FD-5415380040,P-3354902,FLS-ALL
age: 4485
edge-cache-tag: F-21224264479,FD-5415380040,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 52
content-encoding: br
x-amz-request-id: B2257372163CBA21
x-amz-id-2: qVA4DACvAXq0Sj4JyR7qfB1xGeq4b9lQcnRUecHOfVFjaxLLhFQACIvy7j7pZwH2sxaCzr+o1pw=
last-modified: Thu, 14 Nov 2019 17:24:01 GMT
server: cloudflare
etag: W/"e97d7b693699cf2ee748031bf4de38f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1209600, max-age=1209600
x-amz-version-id: C89llISjlQVo62IUPVtqXB4yDzHnmHiT
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891aab2488-FRA
x-amz-cf-id: d7H1FxRzrJJ4EbD5VNAOgzul6InqOPuBb2g0ilKOB3LejadurzdIQQ==

GET
H2 200 instagram.svg
www.cybereason.com/hubfs/social-icons/ 2 KB
1 KB 43ms
39ms Image
image/svg+xml 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/social-icons/instagram.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008a6b447b38fe87dac9127b3e47c83f89df61e8ac7285a7e86051ee89e99af9

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-21223960139,FD-5415380040,P-3354902,FLS-ALL
age: 4484
edge-cache-tag: F-21223960139,FD-5415380040,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 52
content-encoding: br
x-amz-request-id: C2175FD47740E975
x-amz-id-2: uOgfL/9Nrnki/jz1GoExwSa1+I0npDSTRp0EzYlo4DsTBRVi3qWurFhsX71g6CaxFfH7nElHF+A=
last-modified: Thu, 14 Nov 2019 17:24:01 GMT
server: cloudflare
etag: W/"a1012cd27290947d9af72c0ea4236beb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1209600, max-age=1209600
x-amz-version-id: q2McvAidvV50PdQS5eg2kQ60XsPr41Is
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8891aac2488-FRA
x-amz-cf-id: TQdogitqvhJFXp0eKmHJumwPl81qQ2L8cBWY0MggzjLldnzKU-__ZQ==

GET
H2 200 index.js Show response
www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.58/js/ 9 KB
3 KB 27ms
26ms Script
application/javascript 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.58/js/index.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedae155229da805bc3f9b63a2123e5dce5fa27749e4f1fecbb99dcc7214331d

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 443f1433224715dbc774145b9ac2efe4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 865570
cf-ray: 5649e88878c02488-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 03 Feb 2020 20:58:15 GMT
server: cloudflare
etag: W/"a5078af0466b0d0cade577c336e332c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: yIwJZSIABtpsv4d3cGf7VK3JzBO5akhT
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: sKuh9AhUz_4ZeFhaDn7vld0HUSwdUrCkp6Kj9xHZJLrcytcf9nWQ6A==

GET
H2 200 project.js Show response
www.cybereason.com/hs/hsstatic/cos-i18n/static-1.10/bundles/ 1 KB
751 B 23ms
23ms Script
application/javascript 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/hsstatic/cos-i18n/static-1.10/bundles/project.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab449241b50123673e76dbcd70f869ae11d26920f0ce1670fdfd266308058179

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 b3e6aa6408d9b27acff39fa80612846a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 8038000
cf-ray: 5649e88878e02488-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 13 Sep 2017 02:51:30 GMT
server: cloudflare
etag: W/"0011aaf4067b097bcbfd9dc99a4b94c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: p6iak7Gl9Xyg7crK_8XyTwctOBvKD1DL
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD79-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: lLi1CcBmx-Xi6FkLEYHd3WlIecrpOBbSH03-q6iXq3O7SpgZHkNKEw==

GET
H2 200 v2.js Show response
www.cybereason.com/_hcms/forms/ 420 KB
107 KB 37ms
37ms Script
application/javascript 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/_hcms/forms/v2.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca83bf6c4611e07ea8b93893694e16957cd66082de76afb1ee564fba6f055750

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 15926
cf-ray: 5649e88899482488-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 11 Feb 2020 04:34:02 GMT
server: cloudflare
etag: W/"01f4b8448e5b99e492b97afdd1268a74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gCHbnfLfRD6TgIiY4HAm19.GmuNmLHpw
cache-control: s-maxage=86400, max-age=0
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: s-JXCEjZrqC6hJbykzij5I-XYuKWKS55hV1EYTpOhNFX-RT7LSA4XQ==

GET
H2 200 module_6216123918_Related_Posts_-_Blog_Post.min.js Show response
www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/6216123918/1579617220947/ 611 B
541 B 23ms
23ms Script
application/javascript 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/6216123918/1579617220947/module_6216123918_Related_Posts_-_Blog_Post.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2832d2ff340e31dfb8300ecaf6967737af72f2c8981c895443abc7c6eaeb6993

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 1219
cf-ray: 5649e888a9542488-FRA
status: 200
x-amz-request-id: ABB000F4501A5E03
x-amz-id-2: 3NDxRLMieR/mgmkTt2Wehct0/B5k1lqJDi3ti6t5IbM4OOwzSYswQMDiTi0e2Qa3v/WgaSzmNQY=
last-modified: Tue, 21 Jan 2020 14:33:41 GMT
server: cloudflare
etag: W/"ca4367b687b17634cfcc1f04939ca9ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kIGMZJ40wT8KiikGb4IC.HOF4sniO7JK
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
content-type: application/javascript; charset=utf-8

GET
H2 200 3354902.js Show response
www.cybereason.com/hs/scriptloader/ 1 KB
609 B 81ms
78ms Script
application/javascript 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07b9727b9e876ddfd4451c2fb844f7fa27061911652a3ea9985b14e5f40abc3f

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1246
x-trace: 2BC4F6BD969A569A349ADF58EE97BF1FFF0A023C25000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=60
access-control-allow-credentials: false
cf-ray: 5649e8891aad2488-FRA
expires: Thu, 13 Feb 2020 21:11:31 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 83ms
28ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8bd397636ecd49c36d687ad591807ea5ee621b1e11888657827902a5003fc4bb

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 21:31:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 07:28:40 GMT
Server: AkamaiNetStorage
ETag: "522e4451790939ca385c10f4b474de63:1578382119.826889"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2617
Expires: Thu, 13 Feb 2020 21:51:17 GMT

GET
H/1.1 200
OK 58e26bc626b13471520000d9.js Show response
tag.marinsm.com/serve/ 38 KB
10 KB 100ms
28ms Script
text/javascript 151.101.112.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/58e26bc626b13471520000d9.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.65 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

154991194443aaeb774be577ea462c94fb6375d3926af0e00b6896581000a593

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 21:31:17 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 1505
X-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 9671
X-Served-By: cache-hhn4044-HHN
Server: Cowboy
X-Timer: S1581629477.369634,VS0,VE0
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: Nv+c/tdcWIzlIgHCEsCcfMYIPEIwoGka9o6p0OkXooqq7C85wORqwI0FpkVI+LyJHTOMH0C9Rk2230ksvlB16Q==
x-fb-trip-id: 1850256238
date: Thu, 13 Feb 2020 21:31:17 GMT, Thu, 13 Feb 2020 21:31:17 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sf14g.js Show response
t.sf14g.com/ 37 KB
37 KB 354ms
109ms Script
application/javascript 54.173.179.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sf14g.com/sf14g.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.173.179.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-173-179-199.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

86ecafc33ecb5976760d6b5f13a2874525e3f4bfa8b12a0e14d6c98ae9e727cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
last-modified: Tue, 16 Oct 2018 18:33:02 GMT
server: Kestrel
etag: "1d4657eab9c909b"
strict-transport-security: max-age=2592000
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 37787

GET
H2 200 hotjar-704918.js Show response
static.hotjar.com/c/ 8 KB
3 KB 22ms
18ms Script
application/javascript 147.75.100.69
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-704918.js?sv=6

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress16

Software

Resource Hash

d4cfb414d9335152d3611b88bafb313cb8d8006c82392b4d05e9deec76f7e854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 280
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 2430
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/8d47aa464b69860a9a6e86095cafa481
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.089
accept-ranges: bytes
section-io-id: 861691bf2264aee8955d6b8f9261ce51
section-origin-responded: true

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/ 3 KB
1 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/?random=1581629477260&cv=9&fst=1581629477260&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&tiba=New%20Cyber%20Espionage%20Campaigns%20Targeting%20Palestinians%20-%20Part%201%3A%20The%20Spark%20Campaign&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89fc1cfc903d00918cacbcd575a3bd4ca4f824d0f8b95148b328760ceb5326ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/343335/00000000000000003b9b0ad0/27/ 16 KB
16 KB 76ms
25ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/343335/00000000000000003b9b0ad0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2e96bf761583273e370136ed0b934a38ad1e08b386accb37277252b37b9c9961

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
server: nginx
access-control-allow-origin: *
etag: "eedb93b5a9ba82f97df21a2548066c304a8baad8"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16112

GET
H2 200 l
use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/ 16 KB
16 KB 127ms
77ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7219936e6e56b9932b2f1dd06cfff09b655a729bb17d0aa6d757e14184512384

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
server: nginx
access-control-allow-origin: *
etag: "2d91046573f0e4458e7737f18f00bb9c13388e11"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16252

GET
H2 200 l
use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/ 15 KB
15 KB 130ms
80ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9607506688417bb09b8d6c29362c2fe29bc1b047b793cccddfce876d927fa57b

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
server: nginx
access-control-allow-origin: *
etag: "865da7d2ecc4da3cb6bd5574f01738cfc5c8bb11"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15448

GET
H2 200 l
use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/ 16 KB
16 KB 116ms
66ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 359197d1e7ab63fe678db88914f31f1f9f6a37bd182e0de565fc7a68302a1f50

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
server: nginx
access-control-allow-origin: *
etag: "8c3ee2b4e977df4e0f73e1b985c24fba9611fc49"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16652

GET
H2 200 l
use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/ 17 KB
17 KB 99ms
49ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 66b4fac9494bbeda177f4637fa3e7423fc8ef54b11a6875e68cdf3e472293b2a

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
server: nginx
access-control-allow-origin: *
etag: "7b5be73a29b093f7ae3c099f5a521c9274f6db28"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 17148

GET
H2 200 l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/ 16 KB
16 KB 92ms
42ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
server: nginx
access-control-allow-origin: *
etag: "b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16456

GET
H2 200 l
use.typekit.net/af/cfbead/0000000000000000000146b3/27/ 23 KB
23 KB 120ms
71ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cfbead/0000000000000000000146b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 365a7ca6f52df29efedfdac2e08a9d0f03e4e2122dd9a49803bf8dacd58480fc

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
server: nginx
access-control-allow-origin: *
etag: "122498e3424e674610da39fb441d661549879239"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23248

GET
H2 200 l
use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/ 15 KB
15 KB 111ms
62ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 765097740b7490e6ab6a2d8624199ab7b147e8c6cec064b6cce257750fdb1985

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
server: nginx
access-control-allow-origin: *
etag: "13c2813ff67959226aaa4eccfcdd1399bd756b8d"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15336

GET
H2 200 palestine-attacks-blog-image.png
www.cybereason.com/hubfs/ 300 KB
301 KB 60ms
60ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/palestine-attacks-blog-image.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1a477f109765bbbe6cb0309757132363ef39f765cfd7b2208f97b6fba27e801

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25684088497,P-3354902,FLS-ALL
age: 105539
cf-polished: origFmt=png, origSize=545456
edge-cache-tag: F-25684088497,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="palestine-attacks-blog-image.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: 43AEE02AF2EA62E6
x-amz-id-2: pjWDMo5vgTT3lnZSOSb9t+PN+lJh4zAztBe/2BmNFluIsWLBQKkM+MIiwrrDhQV2WRVmZ6sGwe8=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Tue, 11 Feb 2020 20:29:28 GMT
server: cloudflare
etag: "8c6c97de358e1a8d8fadc0baa4304284"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: M6eATrxw0ZKXpoKM6loQBB.KDqctNVJY
x-amz-cf-pop: FRA6-C1
content-length: 307388
cf-ray: 5649e8892abe2488-FRA
x-amz-cf-id: QTluMSGU6qWZW0O1yFAuS348ok-zpRx_cgoCT4I8GGhE3vcXoR1slg==
cf-bgj: imgq:85

GET
H2 200 CR_Owl_Web_Mono@3x.png
www.cybereason.com/hubfs/ 8 KB
8 KB 48ms
48ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/CR_Owl_Web_Mono@3x.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cbf6e27293c523afe11d21dad446397ed4ad9c7da2a537cdd986ff3b1b4cbef

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-9105202110,P-3354902,FLS-ALL
age: 172317
cf-polished: origFmt=png, origSize=33164
edge-cache-tag: F-9105202110,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="CR_Owl_Web_Mono@3x.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: 601BE468E9D7FF3E
x-amz-id-2: UWHupab5BE49JLMVbyHesiw1LJAxXROcM6bfVhOUMNepC1PjuaAUU5D2cQIUi56ZKFrWveV1KfA=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Wed, 24 Apr 2019 17:39:57 GMT
server: cloudflare
etag: "b659bda1fc8f2df36acf622c9d9331c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: iyRnBn_O0GUZbIH3l_mSf75s_.btUs_c
x-amz-cf-pop: FRA53-C1
content-length: 7772
cf-ray: 5649e8892ac12488-FRA
x-amz-cf-id: gk2L29pwJyOSE1HhxL6lgwmUVA_AP06KoRl6YST76JEVaPMryPdujw==
cf-bgj: imgq:85

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 15ms
14ms Font
application/octet-stream 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
cf-cache-status: HIT
age: 1291652
cf-ray: 5649e8892af0c2c2-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 77160
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: "5afd4939-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Tue, 02 Feb 2021 21:31:17 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 DINNextLTPro-MediumCond.woff
cdn2.hubspot.net/hubfs/3354902/Cybereason%20Files/fonts/ 50 KB
51 KB 45ms
28ms Font
application/font-woff 2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/3354902/Cybereason%20Files/fonts/DINNextLTPro-MediumCond.woff
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b293e4c10e7df359f78a8c4f0b5106f2bfa3d8b6de7e43441724849c3734d38

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5348526345,P-3354902,FLS-ALL
age: 565710
edge-cache-tag: F-5348526345,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-encoding: gzip
content-type: application/font-woff
x-amz-request-id: 3F77C923BF538303
x-amz-id-2: Y3kovo0va6/7AteAjhWmrCL5/wxbGgftn3Ge/g+04CmfLcs7Ww/llUZNVlT/T7CdiujtKoVa914=
last-modified: Sun, 08 Oct 2017 14:12:38 GMT
server: cloudflare
etag: W/"169de8bbeb4aa5db5f87b95f2ab95714"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: sGlGR.53wqPoExj8Omwf.6WtxL86SIC7
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: FRA6-C1
cf-ray: 5649e8894c4b16f2-FRA
x-amz-cf-id: 9YVw4vdWYhdheY5jgBmPqeymecqm40o1yzSLsgwJnns6G6iFRkjhsA==

GET
H2 200 -F63fjptAgt5VM-kVkqdyU8n1i8q0g.ttf
fonts.gstatic.com/s/ibmplexmono/v5/ 36 KB
18 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexmono/v5/-F63fjptAgt5VM-kVkqdyU8n1i8q0g.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128cfa4458d1c804e935930664e96ff59b16139513d6492b6ee031916862246e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 795601
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18109
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 02:44:46 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 16:31:16 GMT

GET
H2 200 0caba5f8-036c-4fa7-83d6-166a0180e075 Show response
www.cybereason.com/_hcms/forms/embed/v3/form/3354902/ 18 KB
4 KB 186ms
186ms Script
application/javascript 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybereason.com/_hcms/forms/embed/v3/form/3354902/0caba5f8-036c-4fa7-83d6-166a0180e075?callback=hs_reqwest_0&hutk=

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bf7ca718d378c72ec46085fd1bcd7b61dc12db464bb581472d0ea1616f4b2ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
x-trace: 2B504C6C882CFB266188D52B980DFBE9C9CF87A4C8000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
content-disposition: attachment; filename=no-rfd.txt
cf-ray: 5649e889ecb22488-FRA

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

02b86c87e92c9fbcdc2060100f9659673220ec9029302ac9c1551bc8bcd1635b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: u0XTDMVCOxBghm+kpHc5Ow==
status: 200
date: Thu, 13 Feb 2020 21:31:17 GMT, Thu, 13 Feb 2020 21:31:17 GMT
expires: Thu, 13 Feb 2020 21:51:15 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1778
x-fb-debug: 5Z52QlqxYeIfMUpgUgoqgi5V94jrHm7JUGIrUY4snU/Z3waFbGv1zygq3HFqXYZu8B4ICxAd/GCoxoOMqDE67A==
x-fb-trip-id: 1850256238
x-fb-content-md5: dc661f8c7d56c8123fe74cf098c5a799
etag: "c914ff5cceb6d9509fb532375a7c47ab"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 90ms
31ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 29101
x-served-by: cache-iad2145-IAD, cache-fra19124-FRA
last-modified: Wed, 05 Feb 2020 23:55:53 GMT
etag: "d6438f3ded1a231e0c47db28e12b2834+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 bitbucket-blog-image.png
www.cybereason.com/hubfs/ 187 KB
188 KB 20ms
20ms Image
image/webp 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/bitbucket-blog-image.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8428fc44304ff2164bf98b92e6b567c3b0553463cb2b9733fcbf1580901fb0d7

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-25194305921,P-3354902,FLS-ALL
age: 160886
cf-polished: origFmt=png, origSize=319438
edge-cache-tag: F-25194305921,P-3354902,FLS-ALL
status: 200
content-disposition: inline; filename="bitbucket-blog-image.webp"
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
x-amz-request-id: 7F650F6A6745D274
x-amz-id-2: /KheaSHD/L3SNgpdv7lycLsxqtbdSSO/z+nK/kJTgf1JqnRciqTwwB6FQorSR4OjCeLC3qy/DXM=
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Mon, 03 Feb 2020 18:49:36 GMT
server: cloudflare
etag: "c016a4b5f3d7bd43229225d0ea458c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: WW1NyU5d8L.zyzSl_b1s4j7tQAewb7yU
x-amz-cf-pop: FRA50-C1
content-length: 191352
cf-ray: 5649e88a0cfe2488-FRA
x-amz-cf-id: S4REHsOqwLQdBnKZ2UWSE-WSNKpozVvZMTC1lzvxs8deBVavgpkZEw==
cf-bgj: imgq:85

GET
H2 200 l
use.typekit.net/af/f2e356/00000000000000003b9b0ef5/27/ 35 KB
35 KB 30ms
30ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f2e356/00000000000000003b9b0ef5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9af256cb88b39b1a3b6e36b50a7d7f3215db54331371bb53ed698450672ddcc8

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
server: nginx
access-control-allow-origin: *
etag: "a0f0ee5943ccfb765480534c9add4201dba5a006"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 35932

GET
H2 200 cybereason-arrow.woff2
www.cybereason.com/hubfs/Fonts/ 2 KB
3 KB 21ms
21ms Font
application/font-woff2 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/Fonts/cybereason-arrow.woff2
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcaf54bc46707931d5bcfd93e5b1ac50a518dabb1748fb5155353b392f11c2f8

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-20974772751,FD-5167100825,P-3354902,FLS-ALL
age: 7198
edge-cache-tag: F-20974772751,FD-5167100825,P-3354902,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 52
x-amz-request-id: 7AA65B772FFDB9FB
x-amz-id-2: oRrsvZtc+qntzAnupOeXWbSyaEJBo0wWMORVoXqoLNRceNlaTWSicQJISIA6hWpRZ1hMuniiTzI=
accept-ranges: bytes
last-modified: Tue, 12 Nov 2019 18:05:03 GMT
server: cloudflare
etag: "28fb154fbabe25f37ef8bd98ec057a51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=1209600, max-age=1209600
x-amz-version-id: nxxFbRZiJ0l5.6jBTiMaZGgmevb8x6Rg
x-amz-cf-pop: FRA6-C1
content-length: 2200
cf-ray: 5649e88a0d032488-FRA
x-amz-cf-id: ejYCVDdKCsgWR6scMPzU5-_k31LolU8cLNc9YVoHTmy6D8w_UWILUg==

GET
H2 200 -F6qfjptAgt5VM-kVkqdyU8n3twJwlBFhw.ttf
fonts.gstatic.com/s/ibmplexmono/v5/ 37 KB
18 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexmono/v5/-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFhw.ttf

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b66955d2f6a8fab43675c6a02f74f5d3914d07121b12396bc9308dbb00d78fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/1581622811976/combined-css-e55ddf6f2bf7e283892d58214e13b194.css
Origin: https://www.cybereason.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 09:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1078420
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18509
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:39:51 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Jan 2021 09:57:37 GMT

GET
H2 200 modules.a6ee02de5873aa236440.js Show response
script.hotjar.com/ 401 KB
70 KB 20ms
19ms Script
application/javascript 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.a6ee02de5873aa236440.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-704918.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress3
Software: /
Resource Hash: 58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: br
content-type: application/javascript
age: 26824
status: 200
section-io-cache: Hit
content-length: 71483
last-modified: Thu, 13 Feb 2020 14:00:36 GMT
etag: "a29cc766b3eae227e61b1b428741bb6c"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.023
accept-ranges: bytes
section-io-id: 87f9f89628d5eee718dd4f781d4bb937
section-origin-responded: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/934771702/ 42 B
272 B 25ms
25ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/934771702/?random=1581629477260&cv=9&fst=1581627600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&tiba=New%20Cyber%20Espionage%20Campaigns%20Targeting%20Palestinians%20-%20Part%201%3A%20The%20Spark%20Campaign&fmt=3&is_vtc=1&random=3503861745&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 13 Feb 2020 21:31:17 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/934771702/ 42 B
110 B 29ms
28ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/934771702/?random=1581629477260&cv=9&fst=1581627600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&tiba=New%20Cyber%20Espionage%20Campaigns%20Targeting%20Palestinians%20-%20Part%201%3A%20The%20Spark%20Campaign&fmt=3&is_vtc=1&random=3503861745&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 13 Feb 2020 21:31:17 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 116645602292181 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/116645602292181?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00f6d73623ef09e0702d94f138622bf8cf6789e6b458f170f0012238e5e89dc2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: In1SowIuK3U5e/eeWCcOtsDDQsM4ABzUxUoXHzMPjIa6R43JkgYbSybYiLoQEA1Vw8X2tnHat5YdSvhiJfMIhQ==
x-fb-trip-id: 1850256238
date: Thu, 13 Feb 2020 21:31:17 GMT, Thu, 13 Feb 2020 21:31:17 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sm.22.html
static.addtoany.com/menu/ Frame 91AF 0
0 46ms
45ms Document
text/html 2606:4700:10::6814:6e27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.22.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: static.addtoany.com
:scheme: https
:path: /menu/sm.22.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79

Response headers

status: 200
date: Thu, 13 Feb 2020 21:31:17 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=db36d93a259d225f7d1c0eb5fa2797c741581629477; expires=Sat, 14-Mar-20 21:31:17 GMT; path=/; domain=.addtoany.com; HttpOnly; SameSite=Lax; Secure
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Thu, 03 Oct 2019 06:59:00 GMT
etag: W/"70f-593fc1ec1791b"
cache-control: max-age=315360000, immutable
age: 563267
vary: Accept-Encoding
via: e5s
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5649e88adb29d719-FRA
content-encoding: br

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 4 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbc6e6e201648a797a1a70459fb94149e8245fcac93a066963cbb08cb7f08ae3

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 f7a968b55c3516da72549b98f99704a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 117
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: gzip
x-amz-version-id: wLHxFQo4.UHGjY7LpiTI8YXD7oOxmPVx
last-modified: Mon, 10 Feb 2020 05:54:42 GMT
server: cloudflare
etag: W/"a3c820f15fc2d32ccf32bcded41dc23b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
x-amz-cf-pop: IAD89-C3
cf-ray: 5649e88aea11e003-FRA
x-amz-cf-id: 9nzB_YIZxkadXgQqtLRs_J_tg_5vY3jbtJrAJXuvzba9kR-SSPzVyg==

GET
H2 200 3354902.js Show response
js.hs-analytics.net/analytics/1581628200000/ 76 KB
26 KB 16ms
16ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1581628200000/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb89b9243e1a24adb734a4863b878f581594972d6e920261683844fb3fc8c12c

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 247
status: 200
x-amz-request-id: 1824F2B9565C10D8
x-amz-id-2: n/SWg+Hb5M3YxMoHlgwzbHp3jOXxn1STwRErrmqPOKXKMHP94Ne8vmcdTP5NjlZMsU/mgvUEGa0=
last-modified: Tue, 21 Jan 2020 15:45:12 GMT
server: cloudflare
etag: W/"b2c0d0695f5b6b12170758de1bc10726"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 5649e88ae97b0eaf-FRA
expires: Thu, 13 Feb 2020 21:32:10 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 377 KB
61 KB 35ms
16ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dfaff2f5d6e94657e0f881332caa67965b9cf78bd3b56767d48eaf23647633d

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Origin: https://www.cybereason.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: 1.1 c307613fe3146dad6950808dc74f82f6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 24330
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
last-modified: Tue, 11 Feb 2020 02:42:32 GMT
server: cloudflare
etag: W/"5a4b3524feb30251503c1dd69d357e81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 8UWSQh6JvjVvPe4AFvrC5AfctgtqAmWA
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-amz-cf-pop: IAD89-C2
cf-ray: 5649e88b09a3d6fd-FRA
x-amz-cf-id: rPojH5EG3AmTvAg7TW9efp_Z-v7x1l7HMtaK-WXqurJJ2PkdXO4Uqg==

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
333 B 386ms
98ms Image
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/pixel?marketerId=0027b8e5e3241bf8cc1be75fc37da5a0b4&obApiVersion=1.1&obtpVersion=1.1.8&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&optOut=false&bust=0017354287471440966

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 13 Feb 2020 21:31:17 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;
Cache-Control: no-cache
Connection: close
X-TraceId: 20937412b960ad209049b6263810ea7e
Content-Length: 60

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
314 B 414ms
103ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=0027b8e5e3241bf8cc1be75fc37da5a0b4&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&bust=04576040641608885

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 13 Feb 2020 21:31:17 GMT
Cache-Control: no-cache
X-TraceId: d03603a235ad8e8e24dfc67b7cbb4a9f
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2 200 p.gif
p.typekit.net/ 35 B
201 B 27ms
25ms Image
image/gif 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
last-modified: Mon, 04 Feb 2019 21:28:53 GMT
server: nginx
access-control-allow-origin: *
etag: "5c58ae95-23"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35
expires: Mon, 19 Aug 2019 11:43:27 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
201 B 26ms
24ms Image
image/gif 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=vyv2ljd&ht=tk&h=www.cybereason.com&f=32224.32226.32227.32228.32230.32231.10875.32265&a=657783&js=1.19.2&app=typekit&e=js&_=1581629477583
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
last-modified: Mon, 04 Feb 2019 21:28:53 GMT
server: nginx
access-control-allow-origin: *
etag: "5c58ae95-23"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35
expires: Mon, 19 Aug 2019 11:43:27 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 0D5F 0
0 19ms
19ms Document
text/html 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-704918.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress1
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79

Response headers

status: 200
date: Thu, 13 Feb 2020 21:31:17 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.093
section-origin-responded: true
age: 1328099
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 71bad350c9d14d684426465ebde7681e

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 21ms
20ms Script
application/javascript 2606:4700:10::6814:6e27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563268
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, immutable
cf-ray: 5649e88b0b8dd719-FRA
cf-bgj: minify

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=71641&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=71641&source=js_tag

107 B
436 B

41ms
41ms

Script
text/javascript

34.252.172.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=71641&source=js_tag
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 793fc397fef7e49522e43e020655cf3647b690848c0a2da1669912083a7f1680

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 107
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=71641&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 187 KB
56 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=a672ff47694cc4606e784f9a3e1ef3a1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5b15208f9098694aa890d01ca4c1282e404b05c42412710712f9f275bbf3d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Origin: https://www.cybereason.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: y2vaUM4Ph8sxHEdS6H+BeQ==
status: 200
date: Thu, 13 Feb 2020 21:31:17 GMT, Thu, 13 Feb 2020 21:31:17 GMT
expires: Fri, 12 Feb 2021 20:07:43 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 56929
x-fb-debug: OeaqmDSTGbNJvCloNhELrZtQ5WqHdHrVm2tN5KxXCRG9qIiICHKpOtlnTx01tcu4v79QsFtycj6K78nzt09nXw==
x-fb-trip-id: 1850256238
x-fb-content-md5: 2c83a352ef5b64fc8be919ad843406a1
etag: "f698ddb96ba5ea4080b9ada2f173a930"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html
platform.twitter.com/widgets/ Frame 3ABA 0
0 27ms
27ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.cybereason.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.cybereason.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79

Response headers

status: 200
last-modified: Wed, 05 Feb 2020 23:46:01 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 13 Feb 2020 21:31:17 GMT
x-served-by: cache-iad2132-IAD, cache-fra19124-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

POST
H/1.1 204
No Content / Show response
performance.typekit.net/ 0
144 B 452ms
108ms XHR
text/plain 34.193.108.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://performance.typekit.net/
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.108.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-108-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Origin: https://www.cybereason.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 13 Feb 2020 21:31:18 GMT
Cache-Control: private
Connection: keep-alive

POST
H/1.1 204
No Content / Show response
performance.typekit.net/ 0
144 B 458ms
111ms XHR
text/plain 34.193.108.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://performance.typekit.net/
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyv2ljd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.108.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-108-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Origin: https://www.cybereason.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 13 Feb 2020 21:31:18 GMT
Cache-Control: private
Connection: keep-alive

GET
H2 200 /
www.facebook.com/tr/ 44 B
254 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=116645602292181&ev=PageView&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&rl=&if=false&ts=1581629477740&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581629477739.1406885537&it=1581629477566&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:17 GMT, Thu, 13 Feb 2020 21:31:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Thu, 13 Feb 2020 21:31:17 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_X0TRcl28GvO0U0aTN

43 B
555 B

185ms
136ms

Image
image/gif

104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_X0TRcl28GvO0U0aTN

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Thu, 13 Feb 2020 21:31:18 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e94533e0f2052ac27394dbc1d02a9a23
x-transaction: 0022663c001a2b70
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_X0TRcl28GvO0U0aTN
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_X0TRcl28GvO0U0aTN&sigv=1&esig=2~ff5336774371fb5fb977638680d8d463488769dd
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_X0TRcl28GvO0U0aTN

43 B
460 B

451ms
109ms

Image
image/gif

34.206.200.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_X0TRcl28GvO0U0aTN
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.200.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-200-99.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date: Thu, 13 Feb 2020 21:31:17 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 2
location: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_X0TRcl28GvO0U0aTN
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status: 302
x-content-type-options: nosniff
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_X0TRcl28GvO0U0aTN
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_X0TRcl28GvO0U0aTN

43 B
183 B

35ms
34ms

Image
image/gif

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_X0TRcl28GvO0U0aTN
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.5 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Feb 2020 21:31:18 GMT
via: 1.1 google
server: OXGW/16.174.5
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 13 Feb 2020 21:31:18 GMT
via: 1.1 google
server: OXGW/16.174.5
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_X0TRcl28GvO0U0aTN
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_X0TRcl28GvO0U0aTN

0
239 B

116ms
30ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_X0TRcl28GvO0U0aTN
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_X0TRcl28GvO0U0aTN
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWDBUUmNsMjhHdk8wVTBhVE4
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

43ms
41ms

Image
image/gif

34.252.172.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Thu, 13 Feb 2020 21:31:18 GMT
server: HTTP server (unknown)
location: https://pixel-geo.prfct.co/cb?partnerId=goo
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 203ms
121ms Image
image/gif 34.252.172.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=8257847&source=js_tag&a_id=71641
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=8257847
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8257847

43 B
1 KB

30ms
29ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8257847

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Feb 2020 21:31:19 GMT
AN-X-Request-Uuid: 8979688a-5611-42e1-8049-18bcb061ee84
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 95.174.67.85; 95.174.67.85; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.228:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 Feb 2020 21:31:19 GMT
AN-X-Request-Uuid: cffb8fe6-56bd-4061-a474-42976f91a402
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8257847
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 95.174.67.85; 95.174.67.85; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.117:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tracking.png
tracking.leadlander.com/
Redirect Chain

https://tracking.leadlander.com/api/tracking?accountId=27717&page=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520...
https://tracking.leadlander.com/tracking.png

68 B
347 B

113ms
113ms

Image
image/png

52.21.56.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.leadlander.com/tracking.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.56.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-56-60.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 13 Feb 2020 21:31:17 GMT
Last-Modified: Wed, 26 Sep 2018 16:48:51 GMT
Server: Kestrel
ETag: "1d455b8cd761bc4"
Strict-Transport-Security: max-age=2592000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Location: /tracking.png
Date: Thu, 13 Feb 2020 21:31:17 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=2592000

GET
H2 200 /
www.facebook.com/tr/ 44 B
152 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=116645602292181&ev=Microdata&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&rl=&if=false&ts=1581629478249&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22New%20Cyber%20Espionage%20Campaigns%20Targeting%20Palestinians%20-%20Part%201%3A%20The%20Spark%20Campaign%22%2C%22meta%3Adescription%22%3A%22Cybereason%27s%20Nocturnus%20team%20has%20been%20tracking%20recent%20espionage%20campaigns%20specifically%20directed%20at%20entities%20and%20individuals%20in%20the%20Palestinian%20territories.%20%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Cybereason%27s%20Nocturnus%20team%20has%20been%20tracking%20recent%20espionage%20campaigns%20specifically%20directed%20at%20entities%20and%20individuals%20in%20the%20Palestinian%20territories.%20%22%2C%22og%3Atitle%22%3A%22New%20Cyber%20Espionage%20Campaigns%20Targeting%20Palestinians%20-%20Part%201%3A%20The%20Spark%20Campaign%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.cybereason.com%2Fhubfs%2Fpalestine-attacks-blog-image.png%23keepProtocol%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581629477739.1406885537&it=1581629477566&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:18 GMT, Thu, 13 Feb 2020 21:31:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Thu, 13 Feb 2020 21:31:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3466
date: Thu, 13 Feb 2020 20:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Thu, 13 Feb 2020 22:33:32 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/ 23 B
286 B 108ms
107ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/json?portalId=3354902

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f621a831fe6b7b75cd96e10eb4c80311fff6a3948e4905d12a22032d5ec59b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Origin: https://www.cybereason.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:18 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 23
server: cloudflare
x-trace: 2BAB881878EE3ADAE429C668941288D3BA4530376E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cybereason.com
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5649e890b99ddfe3-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
232 B 23ms
23ms Image
image/gif 2606:4700::6810:fd05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=3354902&pi=25537919171&ct=blog-post&ccu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one&cpi=25537919171&cgi=5272851739&lpi=25537919171&lvi=25537919171&lvc=en&pu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&t=New+Cyber+Espionage+Campaigns+Targeting+Palestinians+-+Part+1%3A+The+Spark+Campaign&cts=1581629478510&vi=cfafcca952263bedb7fb49358897ad6c&nc=true&u=85683782.cfafcca952263bedb7fb49358897ad6c.1581629478507.1581629478507.1581629478507.1&b=85683782.1.1581629478507&pt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5649e890bfa50ebb-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
104 B 29ms
29ms Image
image/gif 2606:4700::6810:fd05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=0caba5f8-036c-4fa7-83d6-166a0180e075&fci=9ff710f6-1ad1-4b54-b27c-f4947035d5bc&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=3354902&pi=25537919171&ct=blog-post&ccu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one&cpi=25537919171&cgi=5272851739&lpi=25537919171&lvi=25537919171&lvc=en&pu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&t=New+Cyber+Espionage+Campaigns+Targeting+Palestinians+-+Part+1%3A+The+Spark+Campaign&cts=1581629478512&vi=cfafcca952263bedb7fb49358897ad6c&nc=true&u=85683782.cfafcca952263bedb7fb49358897ad6c.1581629478507.1581629478507.1581629478507.1&b=85683782.1.1581629478507&pt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5649e890bfa70ebb-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
104 B 29ms
28ms Image
image/gif 2606:4700::6810:fd05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=0caba5f8-036c-4fa7-83d6-166a0180e075&fci=9ff710f6-1ad1-4b54-b27c-f4947035d5bc&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=3354902&pi=25537919171&ct=blog-post&ccu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one&cpi=25537919171&cgi=5272851739&lpi=25537919171&lvi=25537919171&lvc=en&pu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&t=New+Cyber+Espionage+Campaigns+Targeting+Palestinians+-+Part+1%3A+The+Spark+Campaign&cts=1581629478513&vi=cfafcca952263bedb7fb49358897ad6c&nc=true&u=85683782.cfafcca952263bedb7fb49358897ad6c.1581629478507.1581629478507.1581629478507.1&b=85683782.1.1581629478507&pt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5649e890bfa90ebb-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
1 KB 138ms
120ms XHR
application/json 2606:4700::6810:f905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3354902&utk=cfafcca952263bedb7fb49358897ad6c&__hstc=85683782.cfafcca952263bedb7fb49358897ad6c.1581629478507.1581629478507.1581629478507.1&__hssc=85683782.1.1581629478507&contentId=25537919171&currentUrl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

671228117f22a0f974d35160950a6afe47c8bb1bcb8c9da006bb7f8ba684221b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Origin: https://www.cybereason.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-ray: 5649e890fdaebf05-FRA
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cybereason.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1473289618&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_c...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56367941-1&cid=988405954.1581629479&jid=1268935784&_gid=605716661.1581629479&gjid=292777754&_v=j81&z=1621612673
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56367941-1&cid=988405954.1581629479&jid=1268935784&_v=j81&z=1621612673
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56367941-1&cid=988405954.1581629479&jid=1268935784&_v=j81&z=1621612673&slf_rd=1&random=4125991142

42 B
109 B

25ms
25ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56367941-1&cid=988405954.1581629479&jid=1268935784&_v=j81&z=1621612673&slf_rd=1&random=4125991142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Feb 2020 21:31:18 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Feb 2020 21:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56367941-1&cid=988405954.1581629479&jid=1268935784&_v=j81&z=1621612673&slf_rd=1&random=4125991142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 21:31:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=42002
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=994281&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espi...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D994281%26url%3Dhttps%253A%252F%252Fwww.cybereason.com%252Fblog%252Fnew-cyber-espi...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=994281&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espi...

0
58 B

121ms
121ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=994281&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&time=1581629478627&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Feb 2020 21:31:18 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: ufdLmqET8xWQhxUQWysAAA==

Redirect headers

date: Thu, 13 Feb 2020 21:31:18 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: T8fzk6ET8xVgXlau+SoAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=994281&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&time=1581629478627&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
104 B 24ms
24ms Image
image/gif 2606:4700::6810:fd05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=a325ca4c-77be-436f-b080-20ec8bd3654a&lfi=152417&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=3354902&pi=25537919171&ct=blog-post&ccu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one&cpi=25537919171&cgi=5272851739&lpi=25537919171&lvi=25537919171&lvc=en&pu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fnew-cyber-espionage-campaigns-targeting-palestinians-part-one%3Futm_campaign%3DCyber%2520Espionage%2520Targeting%2520Palestinians%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ%26_hsmi%3D83340888%26utm_source%3Dhs_email%26utm_content%3D83340888%26hsCtaTracking%3Dce96f475-92ca-48c9-b490-ad91d33d17de%257Ce3fe8794-40ee-420c-9000-851caf84ce79&t=New+Cyber+Espionage+Campaigns+Targeting+Palestinians+-+Part+1%3A+The+Spark+Campaign&cts=1581629478679&vi=cfafcca952263bedb7fb49358897ad6c&nc=true&u=85683782.cfafcca952263bedb7fb49358897ad6c.1581629478507.1581629478507.1581629478507.1&b=85683782.1.1581629478507&pt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 21:31:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5649e891ca3a0ebb-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

POST
H2 200 perf Show response
www.cybereason.com/_hcms/ 2 B
387 B 129ms
129ms XHR
text/plain 2606:4700::6811:86b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/_hcms/perf
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:86b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79
Origin: https://www.cybereason.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 5649e8a358ef2488-FRA
date: Thu, 13 Feb 2020 21:31:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2BAB1BCB84BD46030F68334E2BF10C69EBC2A460A2000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
content-length: 2

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cybereason.com/	1970-01-19 07:20:31	Name: __hssc Value: 85683782.1.1581629478507
.cybereason.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cybereason.com/	1970-01-19 16:42:05	Name: hubspotutk Value: cfafcca952263bedb7fb49358897ad6c
.cybereason.com/	1970-01-19 16:42:05	Name: __hstc Value: 85683782.cfafcca952263bedb7fb49358897ad6c.1581629478507.1581629478507.1581629478507.1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hi.cybereason.com/e2t/c/W2FJL5x1myNG8TwLX41qnyql0/W2HvXk_5VTDQwW8bBtLw6KZMWF0/5/f18dQhb0S1Wc7BfGH_W12NnsW5STPBFW2wqBV43wygw1N5J28kx_ZyTRW30rM1y85k9HPW3yNWR95MJ5cTW4k6wVm1srSMlW37zG_55YTG-TW86-t5g8gycK4W2ZYBYX8QjqKPW4sBWnw4Fl0pLW7QndN_3v9tB3W7ZTDPM4JWsRjW17Lf_p2NkqPWW5x4RZt1kHgfZW2wJGL96y2wxgW3fXzrz8XPYbbW1230TB2Wlmn1W7sHkp34ZYM5GW1PN3Nm5B3Xl5W1hMnPx5grcn_W7q5Jps1-yJCFW3Rl1dL6G9hxYW90NMT_6tyvMsW55md-817xv9RW6mj3mm7--HN-W231Zf_1YgBxqVcfpCS4XT02fVVLgHJ18WRSWW2fDCDg49Vk-NW854GGB4t5D6MW6PjWkn6MfNYfVChrGW1Sr_NwW1xNcv97txXpRW7jVJ4T5BTJN-W4HgQSZ7s6pt8W9fm1sZ1dXr3jW3JKZTX2dZGv1W2BDsD016B5MqW4Yr73l1QCxWLW4qlv_B2c41VzW5Km1F01J03yJW2-b0L38GNG0vW4CwMKv1G0fwRV9pg3V36T4j7W1KP61K3k0gtJW7h1XFr2Z3R2fW8jCs083YgGC7W3_40YZ1FcszWVZWyGN512lPkW18CGxb4dJDpFVBfK_h6Xn06gN45q_Jnn-fz8W8sTK0t7XydxjVNC8vY6lnd_lW8vsYDS3l1CX9W5Q4HQm3SRbc1W85n9Q44t93f6W2ygjny6bTCDJW7whtw248lprKW60T63S7VzBKyW4zDTtX9c92FrW7KS-6s8HH46cW9lCbd329xJ2QW4qK1cB90tJsGN2_YS34zry6Pf7Wy_JK03(Line 13) Message: toS
console-api	log	URL: https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-one?utm_campaign=Cyber%20Espionage%20Targeting%20Palestinians&utm_medium=email&_hsenc=p2ANqtz-8RUa5pH8G1n6N2CAKaF34cZT0OVL9LpYce4AsCm8hQRLVlZTlcHKQ4PbgnoyU9S637j5spstU_mCSe037hQEMc8VnRTQ&_hsmi=83340888&utm_source=hs_email&utm_content=83340888&hsCtaTracking=ce96f475-92ca-48c9-b490-ad91d33d17de%7Ce3fe8794-40ee-420c-9000-851caf84ce79(Line 161) Message: Read time success

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
amplify.outbrain.com
amplifypixel.outbrain.com
analytics.twitter.com
api.hubapi.com
cdn.rawgit.com
cdn2.hubspot.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
cta-image-cms2.hubspot.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
hi.cybereason.com
js.hs-analytics.net
js.hsadspixel.net
js.hsleadflows.net
p.typekit.net
performance.typekit.net
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
static.addtoany.com
static.hotjar.com
stats.g.doubleclick.net
t.sf14g.com
tag.marinsm.com
tr.outbrain.com
track.hubspot.com
tracking.leadlander.com
us-u.openx.net
use.typekit.net
vars.hotjar.com
www.cybereason.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.linkedin.com
104.244.42.131
147.75.100.69
147.75.102.13
147.75.102.203
151.101.112.65
151.101.12.157
151.139.237.11
172.217.23.130
216.58.207.34
23.210.250.44
2606:4700:10::6814:6e27
2606:4700::6810:f905
2606:4700::6810:fd05
2606:4700::6811:4004
2606:4700::6811:44b0
2606:4700::6811:70b0
2606:4700::6811:86b4
2606:4700::6811:88b4
2606:4700::6811:cccc
2606:4700::6811:e8cc
2606:4700::6811:f1cc
2a00:1288:f03d:1fa::4000
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2003
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9d
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:2bf::25eb
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
34.193.108.147
34.206.200.99
34.252.172.232
34.95.120.147
37.252.173.38
52.21.56.60
54.173.179.199
64.202.112.95
69.173.144.165
70.42.32.31
95.100.67.47
0005cf2627e9e54179f90c78bbf355fccafb3907c4ae9e699bc09c4a57d75bf6
008a6b447b38fe87dac9127b3e47c83f89df61e8ac7285a7e86051ee89e99af9
00f6d73623ef09e0702d94f138622bf8cf6789e6b458f170f0012238e5e89dc2
02b86c87e92c9fbcdc2060100f9659673220ec9029302ac9c1551bc8bcd1635b
07b9727b9e876ddfd4451c2fb844f7fa27061911652a3ea9985b14e5f40abc3f
0d111c83d2520fd8d1ec059493162072af6e97b725aa4b56eb846f09a01f8e9c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128cfa4458d1c804e935930664e96ff59b16139513d6492b6ee031916862246e
154991194443aaeb774be577ea462c94fb6375d3926af0e00b6896581000a593
173db45379b49d9271f8638f9f80936b5e74671a2bbb8376e394090ae9db931e
1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc
1a6e3510af52bd4c550e719eef6ae49cfd1ff4be530c8240b4c8233a2860747d
1ad79a56c42c69c4e830593af7421ddbac8a0606457e6e1909bf854bc06b37e9
1ca28f8a79a5360bcf85ba9ea86068db7f6ed8301f8a2585e0edb7fe25e903a7
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2432844517e2dd99a05c54b57aac9aac78553489b6111ace7c3d97b826af19ec
26fa2ba123efa3364c194ae18055734ad310789537c1eb2e605aebbf7599956d
2832d2ff340e31dfb8300ecaf6967737af72f2c8981c895443abc7c6eaeb6993
2a576cd1375a7005f4b2f60f24cc9856c6067a15d07dbab0edf09e0d44ca8ff2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cbf6e27293c523afe11d21dad446397ed4ad9c7da2a537cdd986ff3b1b4cbef
2e96bf761583273e370136ed0b934a38ad1e08b386accb37277252b37b9c9961
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
312c7a4e3e547301e162c0bf3a7788cf8d52caf2668fbafc01351c9185b97ce4
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
359197d1e7ab63fe678db88914f31f1f9f6a37bd182e0de565fc7a68302a1f50
365a7ca6f52df29efedfdac2e08a9d0f03e4e2122dd9a49803bf8dacd58480fc
3bc80135916185e92f44b5ef3841b12a77c2319ad5b7cb406775bd371a97152b
3fc1bd4c0666cad8d8af42cf8f26c59bc5535b3d907b4db560c7db627e1e5253
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
45a229d8ccd90ad1ae8896f5ba6089185bf455a59dd882e495371caae7b792da
46474002c6d62e77768766489c209b0ba80707d4d7e788e12eeeda6add14ce80
496f753f7e96c1427cf6e11d9c5f822a5f1f46b3c54b7429df9a195fa8362884
4b293e4c10e7df359f78a8c4f0b5106f2bfa3d8b6de7e43441724849c3734d38
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d37d0311412e4f435e69f22b2d4b6e5a00d93b13f333a0eb262156359271d0f
4dfaff2f5d6e94657e0f881332caa67965b9cf78bd3b56767d48eaf23647633d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5199e0f25a98dd7b6b491196c24bb9e0a060dd7793c6d31d4243db14c6925e6c
52f856a029de565af77bb835d656aa0d8906e2cc6f5e20b0e2f24b4c4d2e71ea
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5ebbf16975e8957d1e3b765a49226e95711b30af5852c253906c2f171325949b
5fdc62b86bb13c8c4776c372bf18e06356fed78dc785c2bb7f361be072453056
64b3a0505df97efe5e5fc6797bd62f9f9bbc7786f64453524fcb750dfb806230
6561b2dd1e1b0f9b2f678dfd01a29e1174ec8ac628405a546e42b717a2d3388b
66b4fac9494bbeda177f4637fa3e7423fc8ef54b11a6875e68cdf3e472293b2a
671228117f22a0f974d35160950a6afe47c8bb1bcb8c9da006bb7f8ba684221b
6872a6c9c2a917ceeb92fefd3ef73cee7402a56689e1dbddf743b0aaa9e654c8
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6ada0c4eaa697a93621e450310b90732e6547fd6c8339d4d73a949ea67130aff
6b66955d2f6a8fab43675c6a02f74f5d3914d07121b12396bc9308dbb00d78fe
6e26fd168997ef8e32fb67cb993020aeead8c554c34c745605dbe313b45addfb
708473df9d677f0e044fc2a64ab129a769f1f20734bbcbf7089f176a1b320dbf
70d52338fe73e62ffcfa568e9ea399ef0c88783883327b794eace9faa78febf8
7214a638288d8a9825f5d836eac45df9725b37e94ea12c89dbf2182376d606d9
7219936e6e56b9932b2f1dd06cfff09b655a729bb17d0aa6d757e14184512384
76384b3223d6e28aa3ae51c736e87c28533fde7da4898becc0fbee971fe9df27
765097740b7490e6ab6a2d8624199ab7b147e8c6cec064b6cce257750fdb1985
793fc397fef7e49522e43e020655cf3647b690848c0a2da1669912083a7f1680
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a5157ea032f2c5ec7a28fd56804a7046168188f1f5eac557f9a2a402ab3fa29
7eeabb79b5d8cb89def68bf696e346a7a418755694e786792e06feaa087db04d
8428fc44304ff2164bf98b92e6b567c3b0553463cb2b9733fcbf1580901fb0d7
86ecafc33ecb5976760d6b5f13a2874525e3f4bfa8b12a0e14d6c98ae9e727cd
89fc1cfc903d00918cacbcd575a3bd4ca4f824d0f8b95148b328760ceb5326ca
8b93897776342fd32649389db6380c01876c03b6b9b6ac5c5e8853530aca6e1d
8bd397636ecd49c36d687ad591807ea5ee621b1e11888657827902a5003fc4bb
8bf7ca718d378c72ec46085fd1bcd7b61dc12db464bb581472d0ea1616f4b2ea
922ac633a666a606910b428245f241d6467a79ced3879b6ed63f00def07f0111
9607506688417bb09b8d6c29362c2fe29bc1b047b793cccddfce876d927fa57b
97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c
9a310a56bdcf42c4addf125bbe22aeddff32a257d3101d3347486c7ba044be2d
9a818cec96eeba25fc05e914ffa40ed7f8b2c53b4b4c33f75f3ff521f15b78b6
9af256cb88b39b1a3b6e36b50a7d7f3215db54331371bb53ed698450672ddcc8
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9ecafab6d1fefff67569e003abe4ad03781f616120f68c4a00207f1c62ac7401
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a477f109765bbbe6cb0309757132363ef39f765cfd7b2208f97b6fba27e801
a4aeba3c62a91ed236d5acdc5ea52f5e051801379d306817ad8f4c850e550d2a
aac17f4657bb755e2a22811d18ce321f796b0451678625f98222c7bbc6519231
ab449241b50123673e76dbcd70f869ae11d26920f0ce1670fdfd266308058179
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1e43308ad37fba80d03dac9a497a96febac77a457711dab836dcf12efb80cef
b2caf2b50b9deeac31f6fc4a09ee5fc0fdd927d88f6a00837afe0a42a519e506
b329852f8f537591d001152e26a1b598ef4e4466fa10d859135843c307d5344e
b71a982dad86829660cef46a0467ecf81c34576eece4b297126a552902ef543c
bb89b9243e1a24adb734a4863b878f581594972d6e920261683844fb3fc8c12c
bbc46b8d765c072ee83b36a1d63edd7b06e472d2897f1a115ec0145d24502ea3
bcaf54bc46707931d5bcfd93e5b1ac50a518dabb1748fb5155353b392f11c2f8
ca83bf6c4611e07ea8b93893694e16957cd66082de76afb1ee564fba6f055750
caa333db2175837df41125b50f0c0169c55f919427ee2c6992e2566948e9e518
cbc6e6e201648a797a1a70459fb94149e8245fcac93a066963cbb08cb7f08ae3
cc9c929ac66be4caffcbed19daa29a2e3f4b4258207c46934dd472cddf90977c
cd7908a80313043ae934d5f599a062460c50f94370cee5dc092e0cb9b8d123ef
cedae155229da805bc3f9b63a2123e5dce5fa27749e4f1fecbb99dcc7214331d
d1b028c30b6b268b17673f369cc56a05c55ea6f23f9847538876dd160bfeb427
d4cfb414d9335152d3611b88bafb313cb8d8006c82392b4d05e9deec76f7e854
d61a36ebdc4403cb02d2b3cfb7ebfc547a91e753812a1730f5d46832d91107f9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec5ab03df13acd27d9b42841414e14128cc4e3c222ec31e5e139e6f7bfa8ac42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5b15208f9098694aa890d01ca4c1282e404b05c42412710712f9f275bbf3d18
f621a831fe6b7b75cd96e10eb4c80311fff6a3948e4905d12a22032d5ec59b48
f6643ad3856db5a4b76ee71ca3af264d6dccc33eebd76aa7b83c78b620c280a6

www.cybereason.com Open in urlscan Pro 2606:4700::6811:86b4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

100 %HTTPS

53 %IPv6

32 Domains

47 Subdomains

42 IPs

8 Countries

2492 kBTransfer

5082 kBSize

4 Cookies

65 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cybereason.com Open in urlscan Pro
2606:4700::6811:86b4 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

100 %
HTTPS

53 %
IPv6

32
Domains

47
Subdomains

42
IPs

8
Countries

2492 kB
Transfer

5082 kB
Size

4
Cookies

125 HTTP transactions
1 data transactions