www.guardicore.com Open in urlscan Pro
35.235.124.140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/oHdkaebuMi
Effective URL:
https://www.guardicore.com/labs/smb-worm-indexsinas/
Submission: On July 05 via api (July 5th 2021, 1:24:48 pm UTC) from US

Summary HTTP 252 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 29 domains to perform 252 HTTP transactions. The main IP is 35.235.124.140, located in Los Angeles, United States and belongs to GOOGLE, US. The main domain is www.guardicore.com.
TLS certificate: Issued by Gandi Standard SSL CA 2 on May 3rd 2020. Valid for: 2 years.

This is the only time www.guardicore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 1	67.199.248.12 67.199.248.12	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
96	35.235.124.140 35.235.124.140	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
54	2606:4700:e0:... 2606:4700:e0::ac40:6527	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
6	35.174.150.168 35.174.150.168	14618 (AMAZON-AES) (AMAZON-AES)
20	13.225.87.2 13.225.87.2	16509 (AMAZON-02) (AMAZON-02)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	13.225.87.62 13.225.87.62	16509 (AMAZON-02) (AMAZON-02)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3 3	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	13.224.193.38 13.224.193.38	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	13.224.193.12 13.224.193.12	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e14e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.197.34.29 34.197.34.29	14618 (AMAZON-AES) (AMAZON-AES)
3	13.224.193.49 13.224.193.49	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::622	54113 (FASTLY) (FASTLY)
252	34

3 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.12 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)

buff.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

96 35.235.124.140 (Los Angeles, United States)

ASN15169 (GOOGLE, US)
PTR: 140.124.235.35.bc.googleusercontent.com

www.guardicore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2606:4700:e0::ac40:6527 (United States)

ASN13335 (CLOUDFLARENET, US)

gate.rapidsec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.174.150.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-3-ue1.aws.pardot.com

go.guardicore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.225.87.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-2.fra2.r.cloudfront.net

whimsical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-62.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:119:50e1:101::6cae:b25 (San Jose, United States) 3 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-38.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e14e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.34.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

track.gaconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-49.fra2.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	guardicore.com www.guardicore.com go.guardicore.com	2 MB
54	rapidsec.net gate.rapidsec.net	26 KB
20	whimsical.com whimsical.com	2 MB
14	6sc.co j.6sc.co c.6sc.co b.6sc.co	18 KB
6	linkedin.com 4 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
6	bing.com bat.bing.com	19 KB
6	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	124 KB
4	facebook.com www.facebook.com	547 B
4	google.de www.google.de	298 B
4	google.com www.google.com	298 B
4	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
4	facebook.net connect.facebook.net	197 KB
3	helpscout.net beacon-v2.helpscout.net	264 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	googletagmanager.com www.googletagmanager.com	157 KB
3	t.co t.co	1016 B
2	twitter.com analytics.twitter.com	818 B
2	pardot.com pi.pardot.com	5 KB
2	ads-twitter.com static.ads-twitter.com	4 KB
2	googleadservices.com www.googleadservices.com	28 KB
2	licdn.com snap.licdn.com	5 KB
2	gravatar.com secure.gravatar.com	3 KB
1	wistia.com fast.wistia.com	104 KB
1	gaconnector.com track.gaconnector.com	3 KB
1	fonts.net fast.fonts.net	408 B
1	cloudflare.com cdnjs.cloudflare.com	19 KB
1	w.org s.w.org	987 B
1	googleapis.com fonts.googleapis.com	997 B
1	buff.ly 1 redirects buff.ly	247 B
252	29

	Domain	Requested by
96	www.guardicore.com	t.co www.guardicore.com
54	gate.rapidsec.net	www.guardicore.com www.googletagmanager.com t.co j.6sc.co www.google-analytics.com connect.facebook.net static.hotjar.com www.googleadservices.com bat.bing.com static.ads-twitter.com
20	whimsical.com	www.guardicore.com whimsical.com cdnjs.cloudflare.com
12	b.6sc.co	www.guardicore.com
6	bat.bing.com	www.googletagmanager.com bat.bing.com www.guardicore.com
4	www.facebook.com	www.guardicore.com connect.facebook.net
4	www.google.de	www.guardicore.com
4	www.google.com	www.guardicore.com
4	connect.facebook.net	t.co connect.facebook.net
4	go.guardicore.com	www.guardicore.com go.guardicore.com pi.pardot.com
3	beacon-v2.helpscout.net	whimsical.com beacon-v2.helpscout.net
3	px.ads.linkedin.com	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.guardicore.com
3	www.googletagmanager.com	www.guardicore.com go.guardicore.com
3	t.co	www.guardicore.com
2	analytics.twitter.com	static.ads-twitter.com
2	pi.pardot.com	go.guardicore.com pi.pardot.com
2	vars.hotjar.com	static.hotjar.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	script.hotjar.com	static.hotjar.com
2	px4.ads.linkedin.com	www.guardicore.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	static.ads-twitter.com	www.googletagmanager.com
2	static.hotjar.com	www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com
2	secure.gravatar.com	www.guardicore.com
1	fast.wistia.com	pi.pardot.com
1	track.gaconnector.com	go.guardicore.com
1	fast.fonts.net	t.co
1	cdnjs.cloudflare.com	whimsical.com
1	www.linkedin.com	1 redirects
1	c.6sc.co	j.6sc.co
1	s.w.org	www.guardicore.com
1	j.6sc.co	www.guardicore.com
1	fonts.googleapis.com	www.guardicore.com
1	buff.ly	1 redirects
252	37

This site contains links to these domains. Also see Links.

Domain
es.guardicore.com
pt.guardicore.com
de.guardicore.com
guardicore.allbound.com
threatintelligence.guardicore.com
en.wikipedia.org
github.com
www.binarydefense.com
www.privacyanddatasecurityinsight.com
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com
customers.guardicore.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.guardicore.com Gandi Standard SSL CA 2	`2020-05-03` - `2022-05-09`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
go.guardicore.com R3	`2021-06-26` - `2021-09-24`	3 months	crt.sh
whimsical.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.gaconnector.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-06` - `2021-08-05`	2 years	crt.sh
*.helpscout.net Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2020-12-05` - `2021-12-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.guardicore.com/labs/smb-worm-indexsinas/
Frame ID: FC2677042C0119ED2F8EE911FB40B6E6
Requests: 198 HTTP requests in this frame

Frame: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Frame ID: 81F35EDA9ED31E95B9224DEE3399DF29
Requests: 27 HTTP requests in this frame

Frame: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Frame ID: 67B969A375BB0D58E84FA4974E3EDD08
Requests: 25 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 84B1EB7A47BA7487875F67653A78E85A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 9357F31A4C20CF57BA67F5ACA098B1EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/oHdkaebuMi Page URL
https://buff.ly/3xdLtFr HTTP 301
https://www.guardicore.com/labs/smb-worm-indexsinas/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

252
Requests

100 %
HTTPS

57 %
IPv6

29
Domains

37
Subdomains

34
IPs

4
Countries

4927 kB
Transfer

15608 kB
Size

16
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://es.guardicore.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://pt.guardicore.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://de.guardicore.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://guardicore.allbound.com/
Title: Partner Login

Search URL Search Domain Scan URL

URL: https://threatintelligence.guardicore.com/
Title: Cyber Threat Intelligence

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/EternalBlue
Title: EternalBlue

Search URL Search Domain Scan URL

URL: https://github.com/guardicore/labs_campaigns/tree/master/Indexsinas
Title: repository

Search URL Search Domain Scan URL

URL: https://www.binarydefense.com/gh0stcringeformerly-cirenegrat/
Title: Gh0stCringe

Search URL Search Domain Scan URL

URL: https://github.com/kingron/s
Title: s

Search URL Search Domain Scan URL

URL: https://www.privacyanddatasecurityinsight.com/files/2021/06/Memo-What-We-Urge-You-To-Do-To-Protect-Against-The-Threat-of-Ransomware.pdf
Title: open letter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/guardicore
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/guardicore
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/guardicore/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCxu1wG7IO4tfW9HFqV08YOw/featured
Title: Youtube

Search URL Search Domain Scan URL

URL: https://customers.guardicore.com/
Title: CUSTOMER PORTAL

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/oHdkaebuMi Page URL
https://buff.ly/3xdLtFr HTTP 301
https://www.guardicore.com/labs/smb-worm-indexsinas/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 149

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491469419&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D265698%26time%3D1625491469419%26url%3Dhttps%253A%252F%252Fwww.guardicore.com%252Flabs%252Fsmb-worm-indexsinas%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491469419&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491469419&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true&e_ipv6=AQIX9d_qB47tZgAAAXp213jipSQaTr5Pjdk1l_yZtIsKVRddOY8jfM40tmyV6xgMp340RqAA

Request Chain 211

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491470602&url=https%3A%2F%2Fwww.guardicore.com%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491470602&url=https%3A%2F%2Fwww.guardicore.com%2F&e_ipv6=AQKta80CfUVYkQAAAXp213l3l9xc3zcBJczGjY0l_70jW16BKfDGsyIpmrnZQFGQF0LVPXEz

252 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 oHdkaebuMi Show response
t.co/ 224 B
491 B 134ms
119ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/oHdkaebuMi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

8ceba365f48b90d9f44b80d2323be5ed8cb3d6bc9a8601c2b555523aa84f8878

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /oHdkaebuMi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:26 GMT
vary: Origin
server: tsa_o
expires: Mon, 05 Jul 2021 13:29:27 GMT
set-cookie: muc=7be13ece-a692-41d1-9ace-6adb859efe4e; Max-Age=63072000; Expires=Wed, 05 Jul 2023 13:24:27 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 175
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-connection-hash: 316300f2c085cc5d29a9bda369cbcd20ed4f766085aa3f8bc45f557a3bef7183

GET
H2

200

Primary Request / Show response
www.guardicore.com/labs/smb-worm-indexsinas/
Redirect Chain

https://buff.ly/3xdLtFr
https://www.guardicore.com/labs/smb-worm-indexsinas/

174 KB
31 KB

806ms
308ms

Document
text/html

35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guardicore.com/labs/smb-worm-indexsinas/

Requested by

Host: t.co
URL: https://t.co/oHdkaebuMi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

140.124.235.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0f5e95fc50f76666b87f3662e462236b80049d5e111bb083c409791e5d65101e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.guardicore.com
:scheme: https
:path: /labs/smb-worm-indexsinas/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/oHdkaebuMi

Response headers

server: nginx
date: Mon, 05 Jul 2021 13:24:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.guardicore.com/wp-json/>; rel="https://api.w.org/" <https://www.guardicore.com/wp-json/wp/v2/labs/62704>; rel="alternate"; type="application/json" <https://www.guardicore.com/?p=62704>; rel=shortlink
strict-transport-security: max-age=31536000; includeSubDomains; preload
permissions-policy: geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: frame-ancestors 'none'; default-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline'; style-src 'self' 'report-sample' 'unsafe-inline'; object-src 'none'; frame-src infectionmonkey.optimizeme.online; child-src 'none'; img-src 'self'; font-src 'self' *.gstatic.com; connect-src *.guardicore.com *.optimizeme.online; manifest-src 'none'; base-uri 'self'; form-action 'none'; media-src 'none'; prefetch-src 'none'; worker-src 'none'; report-uri https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report
x-kinsta-cache: HIT
content-encoding: gzip
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf5b8e8aa094e10b593a2ea19ac55a294f

Redirect headers

cache-control: private, max-age=90
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Mon, 05 Jul 2021 13:24:27 GMT
location: https://www.guardicore.com/labs/smb-worm-indexsinas/
referrer-policy: unsafe-url
server: nginx
set-cookie: _bit=l65dor-a841663c61e4fee6dc-001; Domain=buff.ly; Expires=Sat, 01 Jan 2022 13:24:27 GMT
content-length: 139

GET
H2 200 Graphik-Regular.woff2
www.guardicore.com/wp-content/uploads/ 38 KB
38 KB 159ms
159ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/Graphik-Regular.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: eb43b657e2bb320b9ef4581e4c7167c3f93a1a19b00fea14f4395deff2d82fa7

Request headers

:path: /wp-content/uploads/Graphik-Regular.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
last-modified: Sun, 21 Mar 2021 22:58:07 GMT
server: nginx
etag: "6057cf7f-97a8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 38824
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMff5484aabf7dd80fe34562f2fe274446e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 select2.min.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/ 15 KB
2 KB 161ms
160ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/select2.min.css?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2a282dd6dac10a3fbf469b4e67f489608777854e6d157bf11233dfbaa16851e

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/select2.min.css?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-3a77"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfbd41bd1f3fa6d120c17b420d722ff98b
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iconfonts.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/css/ 41 KB
8 KB 306ms
303ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/css/iconfonts.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 72331d11d428c3ee2a07f27f50de5d46ee2dfed73a188788110271edce7972ff

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/css/iconfonts.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:46 GMT
server: nginx
etag: W/"60da0b42-a250"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf2b3df8ff3a53fca88a87f4fc735d3633
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/css/ 371 KB
60 KB 308ms
305ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/css/frontend.min.css?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88453621e7720bf12afcf1abb01eec2dfd56cc8de16ed8b85937e90a1b1fc9b2

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/css/frontend.min.css?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:46 GMT
server: nginx
etag: W/"60da0b42-5ca83"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd41fe023fce6a36adf535cab6975458d
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltip.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/ 6 KB
1 KB 306ms
302ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltip.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltip.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-195f"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf68931ba006bd4bcb1129806e7437380f
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltipster-sideTip-shadow.min.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/ 2 KB
636 B 307ms
303ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltipster-sideTip-shadow.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 970fb3515835fc779193ba0f88531ff29972b3c9cd76aba2fb1222fb97beeab6

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltipster-sideTip-shadow.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-694"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf5772a1c55d5a906dd37e76f3d8e8b93e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featherlight.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/ 4 KB
2 KB 307ms
303ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/featherlight.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3bb51227d2ff534e4834ff3137f722a77dc2a8a9c6f1fda503116c0d7f9f7b47

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/featherlight.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-fce"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf9f6ce19281cf254cf70a67a4a653fede
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
997 B 18ms
12ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CRoboto%3A100%2C300%2C400%2C700&ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b52123640de6d13a94ebf0b28b2621535de362b536e775e84ac17362153293d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:20:48 GMT
server: ESF
date: Mon, 05 Jul 2021 13:24:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jul 2021 13:24:28 GMT

GET
H2 200 lity.min.css
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/ 3 KB
1 KB 308ms
301ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/lity.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 19fb1c3c4a52d399f2b32a80c3fa35d97dde81f33e20bb7da6d95d4087c49ed6

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/lity.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-d8d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMff78072d383151ddaeab315094649f3e1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.guardicore.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 308ms
302ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/css/dist/block-library/style.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:17:18 GMT
server: nginx
etag: W/"6078d78e-e33b"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf2437a788d1298dc40bd078f0935fff70
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
www.guardicore.com/wp-content/plugins/jet-engine/assets/css/ 49 KB
7 KB 310ms
304ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.8.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 205e4853afd7ec80018e17064a0f71965ff0007e19babf0b88b0625843ea8e6b

Request headers

:path: /wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.8.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:06 GMT
server: nginx
etag: W/"60d0bd26-c314"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfc605ca97426c06cc7b8c520c38a6f0ea
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.guardicore.com/wp-content/themes/hello-elementor/ 6 KB
3 KB 308ms
301ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/themes/hello-elementor/style.min.css?ver=2.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5ddb2729aaae248b99bc553da916346ac6a8d144b7b1afde0ddcdf0eeda1589c

Request headers

:path: /wp-content/themes/hello-elementor/style.min.css?ver=2.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 23:05:38 GMT
server: nginx
etag: W/"6057d142-19e6"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfc735ca93ace62cd393725515eb878d5c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.min.css
www.guardicore.com/wp-content/themes/hello-elementor/ 5 KB
2 KB 308ms
301ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf6787a72f1d1013b60c768f8e6db80fd19249cdea059b86253980177ee1a0c9

Request headers

:path: /wp-content/themes/hello-elementor/theme.min.css?ver=2.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 23:05:38 GMT
server: nginx
etag: W/"6057d142-151b"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf55a1484df1a944a46c7d363c41962fea
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.min.css
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/ 56 KB
12 KB 310ms
304ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:44:30 GMT
server: nginx
etag: W/"6057cc4e-df5c"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf7700d4e55c2b32ca78a1656a9c438d68
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v4-shims.min.css
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/ 26 KB
4 KB 309ms
302ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b8b06e8edfab1dd4475c13ee021e4f582b075677a9018e2f0ba56cc3fc2f0b6

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:44:30 GMT
server: nginx
etag: W/"6057cc4e-684e"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf2237f47df594b776df248b9a5cb55d86
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 public.css
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/css/ 30 KB
4 KB 310ms
304ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.0.9
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29324a862ffba034fcc79da865e521ad3cb4bdfaf4acec27fd0c3d917fd960da

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.0.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:36 GMT
server: nginx
etag: W/"6057cc18-773e"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfdb20255d5af8b23cafc5928a9d13edc7
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-menu-general.css
www.guardicore.com/wp-content/uploads/jet-menu/ 731 B
504 B 453ms
447ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/jet-menu/jet-menu-general.css?ver=1623674327
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0018646720dd7fb919bd39bba73942b95a725590f3eca1dde849e088028b2b90

Request headers

:path: /wp-content/uploads/jet-menu/jet-menu-general.css?ver=1623674327
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 14 Jun 2021 12:38:47 GMT
server: nginx
etag: W/"60c74dd7-2db"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd27e66017f544108bc6e2c055d77eee1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-blocks.css
www.guardicore.com/wp-content/plugins/jet-blocks/assets/css/ 40 KB
5 KB 454ms
447ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.2.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ce04afdc3d195c9c5b1f7ab1a0c639f027a366ea68f673666b0b0add1d376dae

Request headers

:path: /wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.2.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:24 GMT
server: nginx
etag: W/"6057cc0c-9f00"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf094ba08f0ca7aad2aeedaaf1d301008a
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-elements.css
www.guardicore.com/wp-content/plugins/jet-elements/assets/css/ 234 KB
23 KB 454ms
447ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.5.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d4cfd8082109b47b94a9af2888657a68860315ad99736d4c9b0c49fb0152b68b

Request headers

:path: /wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:43 GMT
server: nginx
etag: W/"60da0b3f-3a86d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf5b5b45847f8934fbdc91eb4bef78eb7c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-elements-skin.css
www.guardicore.com/wp-content/plugins/jet-elements/assets/css/ 17 KB
3 KB 454ms
448ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.5.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4aecb207b56cac3dfc7a264fdf05de9a1322885f1daa182167eab999570e384a

Request headers

:path: /wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:43 GMT
server: nginx
etag: W/"60da0b3f-43e6"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf197e07947acc73d09cec2a94691fe758
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 elementor-icons.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 17 KB
4 KB 454ms
448ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021

Request headers

:path: /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-4350"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf30e06bb5ffa3860d587ca7782f47b1f5
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animations.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 454ms
448ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

:path: /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-4824"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf8070deb8e4e691f80d031d565d1cd10c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-legacy.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/css/ 4 KB
832 B 454ms
448ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1e5aeaa58ab4c2345953f77e07fbc20578326076a259ed702eea64e077fde675

Request headers

:path: /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-f0e"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfa853d54be88acd0d51a4679f16c86466
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/css/ 115 KB
17 KB 455ms
449ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3f9c38934fc41ee2a85f1a6e1ad59e96f7f1e73b9b4e653394708715d5ab32c5

Request headers

:path: /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-1cc44"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf42942a9ad155ccfc8599da8bbcb313f4
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-55514.css
www.guardicore.com/wp-content/uploads/elementor/css/ 4 KB
1 KB 455ms
450ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cda985523c372cef46674a191a25e985efb7639934d701b2f50f341a7326dfa7

Request headers

:path: /wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:37 GMT
server: nginx
etag: W/"60da0b75-117a"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf268ba813c0d63551fb0c3828f1cc1033
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
www.guardicore.com/wp-content/plugins/elementor-pro/assets/css/ 237 KB
27 KB 454ms
449ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ceaa8c47e55f50794d42966a696f0f35149ffd1560c46eecbca911d6b48d9371

Request headers

:path: /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-3b299"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf51e5cf01841518b949e3e7afe3ae2347
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-search.css
www.guardicore.com/wp-content/plugins/jet-search/assets/css/ 19 KB
4 KB 454ms
449ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.12
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a911565c50d12c7eddff1a62d2a410dbf4199e642d74628966126a9d9faaaec

Request headers

:path: /wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:08 GMT
server: nginx
etag: W/"60d0bd28-4a4e"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfecc2e84258bd94cd53018c270e57b5ee
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-tricks-frontend.css
www.guardicore.com/wp-content/plugins/jet-tricks/assets/css/ 26 KB
3 KB 455ms
449ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.3.7
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 47ae8f0c316caf1b0820b3fc47281e73ee11896b90cd172022965474bb5eaa21

Request headers

:path: /wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.3.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 15:22:22 GMT
server: nginx
etag: W/"60ad162e-68a7"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf3d4cb58cce1742a1e6332292e2ca69c1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 global.css
www.guardicore.com/wp-content/uploads/elementor/css/ 111 KB
7 KB 455ms
450ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/global.css?ver=1624902517
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4a56c561bd003b2bfa260025204e2d68174e30f78a7d17556f892f1844c43f3

Request headers

:path: /wp-content/uploads/elementor/css/global.css?ver=1624902517
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:37 GMT
server: nginx
etag: W/"60da0b75-1ba4b"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf4be51919693eb5ca0ec8cd3d918213a6
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-62704.css
www.guardicore.com/wp-content/uploads/elementor/css/ 3 KB
892 B 455ms
450ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-62704.css?ver=1625055721
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 730865a3662dc048745e9d47ba1204827d6de6602367aeedaf425c49c1827cc4

Request headers

:path: /wp-content/uploads/elementor/css/post-62704.css?ver=1625055721
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 12:23:53 GMT
server: nginx
etag: W/"60dc6259-d1a"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd047931bd6a077422debe21cab5bdf27
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-118.css
www.guardicore.com/wp-content/uploads/elementor/css/ 19 KB
3 KB 455ms
450ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-118.css?ver=1625100267
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cdce53dc078014ad2af66256afb166fddb4db77945fa4113ad3007459e3aa06

Request headers

:path: /wp-content/uploads/elementor/css/post-118.css?ver=1625100267
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 00:44:27 GMT
server: nginx
etag: W/"60dd0feb-4d95"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf167c0826c7eb3ed8b8dce52ba0a95cbc
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-167.css
www.guardicore.com/wp-content/uploads/elementor/css/ 3 KB
969 B 455ms
450ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-167.css?ver=1624902517
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e10b7ee8ea3952cb3da15f41abe49fb69db8a01cc191179591c4c250d3d3391

Request headers

:path: /wp-content/uploads/elementor/css/post-167.css?ver=1624902517
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:37 GMT
server: nginx
etag: W/"60da0b75-d71"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf739c2078afba3886b27d99a5f5949014
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-38059.css
www.guardicore.com/wp-content/uploads/elementor/css/ 9 KB
2 KB 455ms
450ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-38059.css?ver=1624902518
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 661ecc75f2bc78cea2b6407201598bcac2c92c852aa77131c55254557c68e53c

Request headers

:path: /wp-content/uploads/elementor/css/post-38059.css?ver=1624902518
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:38 GMT
server: nginx
etag: W/"60da0b76-230c"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMffde4e0d556258320e8c05813229f8acb
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-60370.css
www.guardicore.com/wp-content/uploads/elementor/css/ 3 KB
1 KB 455ms
450ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-60370.css?ver=1624902518
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 641f4e0a0380efe7b30ff0cd45dc2d02edeeb1988f3a96fddee0eca86d288164

Request headers

:path: /wp-content/uploads/elementor/css/post-60370.css?ver=1624902518
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:38 GMT
server: nginx
etag: W/"60da0b76-df2"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfb1e74efbf20e73d153368ccab7b2bc9f
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.guardicore.com/wp-content/themes/hello-theme-child-master/ 623 B
651 B 455ms
451ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa4b003bb85142c7ff8d4fa84ba07f5a8c070cd2a504af3d406731884bd44fec

Request headers

:path: /wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 23:05:38 GMT
server: nginx
etag: W/"6057d142-26f"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf381e7b13d41d5de3c59d524a3e8a5fbe
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 455ms
451ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-e238"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf91447c4d44025b689d15cf2ca614ceca
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 solid.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
602 B 455ms
451ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-29d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfee748ee1ec1395ab364b05561b689f03
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 brands.min.css
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 675 B
600 B 455ms
451ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 71008cf308a9bb2a3a3ddaa973f816c0d3a11db5cc9e7bdd5498089423019b3e

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-2a3"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf1a1b08f6bdd3e26183dfa22257547231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.guardicore.com/wp-includes/js/jquery/ 87 KB
31 KB 456ms
452ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-15d98"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf8910a2c2eb2e78186b5c545428e1b514
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.guardicore.com/wp-includes/js/jquery/ 11 KB
4 KB 456ms
452ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfbfac3608f8d9ce0b1a47404bb14199d5
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/ 215 KB
26 KB 456ms
452ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/frontend.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ea33b0ef01fbc24a9f2a3f6c858425fe2a19712e029eae43641ac3bfbc59c0e3

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/js/frontend.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-35b4d"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf9d6e09a58f5fc923d5e410f32d5b190e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 events.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/ 26 KB
4 KB 456ms
452ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/events.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 23711380d4aa9cb1d400ed80287482643d79b55ec2398da742d9804b8a12f216

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/js/events.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-6652"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf614ef95a624862844dd4345b676d8669
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-53878132-1

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fdfb97b7fe44ab4013707e8e7aae1f88da2fb7ad090a460b1be6130d937724a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37014
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jul 2021 13:24:28 GMT

GET
H2 200 frontend.min.css
www.guardicore.com/wp-content/plugins/elementor-pro/assets/css/ 237 KB
27 KB 455ms
451ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ceaa8c47e55f50794d42966a696f0f35149ffd1560c46eecbca911d6b48d9371

Request headers

:path: /wp-content/plugins/elementor-pro/assets/css/frontend.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-3b299"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf465730dbaae7548ce0dc4a775bf38ec0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-131.css
www.guardicore.com/wp-content/uploads/elementor/css/ 65 KB
6 KB 450ms
447ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-131.css
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: af71cb6decf2066c163b45f4b8b5283f9fa4043a5de26bcea4b11597afa4e090

Request headers

:path: /wp-content/uploads/elementor/css/post-131.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 15:29:58 GMT
server: nginx
etag: W/"60db3c76-1034d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf49d115ab702ca88ed92fd95c575ffd02
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-elements.css
www.guardicore.com/wp-content/plugins/jet-elements/assets/css/ 234 KB
23 KB 451ms
448ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d4cfd8082109b47b94a9af2888657a68860315ad99736d4c9b0c49fb0152b68b

Request headers

:path: /wp-content/plugins/jet-elements/assets/css/jet-elements.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:43 GMT
server: nginx
etag: W/"60da0b3f-3a86d"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfe1733efb35206daa00ea4a44891e8d00
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-118.css
www.guardicore.com/wp-content/uploads/elementor/css/ 19 KB
3 KB 455ms
452ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-118.css
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cdce53dc078014ad2af66256afb166fddb4db77945fa4113ad3007459e3aa06

Request headers

:path: /wp-content/uploads/elementor/css/post-118.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 00:44:27 GMT
server: nginx
etag: W/"60dd0feb-4d95"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf1dc21c44fa5697bbc73f76cb2a5b195c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.guardicore.com/wp-includes/js/ 14 KB
5 KB 157ms
157ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/wp-emoji-release.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-3795"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfe4dfd7a4e9b320b2ce6cdaa9182c76b9
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
826 B 146ms
111ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ycx6qEKbN7KGOVSzufMI3j9DziXRfm2O48U5XJDhWtx5kcW0VzJhU67IMen%2BnqfTtl9g0A%2F0D7XxhAB9c3ydq5N4nY9STFlzrQ7Rth1bQG27pOQabX4n5FlUDoGnP13By2k6TwkdoB2jPs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9ecbd81d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 post-30085.css
www.guardicore.com/wp-content/uploads/elementor/css/ 11 KB
1 KB 429ms
415ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-30085.css?ver=1625153783
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 13cbc75f4ec4fe7e354dff7e326e148da49f8a71b9bccd3f17605eba779a3f0d

Request headers

:path: /wp-content/uploads/elementor/css/post-30085.css?ver=1625153783
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:36:23 GMT
server: nginx
etag: W/"60dde0f7-2d28"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf03aba71c2133a04c268db80c3d81c301
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-53226.css
www.guardicore.com/wp-content/uploads/elementor/css/ 3 KB
965 B 428ms
415ms Stylesheet
text/css 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-53226.css?ver=1624902518
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f770bc714b92d45af98259cc48f5b8033e6993147da9c35b70e7b845d379df25

Request headers

:path: /wp-content/uploads/elementor/css/post-53226.css?ver=1624902518
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:48:38 GMT
server: nginx
etag: W/"60da0b76-a3f"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf5ed2cfee17256d8b5a2b8614983c85fd
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.js Show response
www.guardicore.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 428ms
415ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:17:18 GMT
server: nginx
etag: W/"6078d78e-5133"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf3c71921806811e3caaa3b0e10e548fcd
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datepicker.min.js Show response
www.guardicore.com/wp-includes/js/jquery/ui/ 35 KB
11 KB 428ms
416ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d

Request headers

:path: /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:17:18 GMT
server: nginx
etag: W/"6078d78e-8d34"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf06bc73f1efb2c44edc7c6b673fb5f397
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.typewatch.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/ 3 KB
2 KB 428ms
416ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/js/jquery.typewatch.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28aa95a989d5e46ee060bb0d443fcd699d31db7320673379fad857f77fc776a8

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/js/jquery.typewatch.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-bc5"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf6136113fa86f4bc57940bc46f519b7dc
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featherlight.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/ 30 KB
9 KB 428ms
416ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/featherlight.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87a4d24f8fb09eae43f4e07568e22c9f714ad5a86296516dd3721d7328922d71

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/featherlight/featherlight.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-785b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf6752d633379cffd627159b693d9e5b9c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 select2.full.min.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/ 77 KB
22 KB 428ms
417ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/select2.full.min.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe5f91e8750420e8c460358e4ddf588f781c252c2426741e59132f238d6e6203

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/select2/select2.full.min.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-132dd"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfc2bc1a8c3f6207b370c854aa9e9a2746
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltip.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/ 39 KB
10 KB 426ms
416ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltip.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b763b49b4a8f7afccef98cc8a40f450a31d6c69150d30acb3438d81331222d41

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/tooltip/tooltip.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-9bdd"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf8e1004b10e6d3d17e2948ce4d84cb772
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lity.min.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/ 6 KB
3 KB 427ms
417ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/lity.min.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3b1ae6cec7f06d999f0695e08022868275f74821104092579bc1a848db0f34de

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/lity/lity.min.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-188f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf888c29bd79597b8d6a7e3b297e249d82
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 colorbrightness.min.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/colorbrightness/ 942 B
852 B 426ms
416ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/colorbrightness/colorbrightness.min.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1396662705b0c8e4aece9ae751982e526b27e9e1271276d3bc02168d3491361e

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/colorbrightness/colorbrightness.min.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-3ae"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf774f9e2ec2ae59f8b2e8a3f78db89c9a
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.js Show response
www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/owl-carousel/ 107 KB
21 KB 427ms
417ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/modern-events-calendar-lite/assets/packages/owl-carousel/owl.carousel.min.js?ver=5.20.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2253d28cf7e038400244b19b4fe87d90240a0388e16f0a145deeff4eaf47b14a

Request headers

:path: /wp-content/plugins/modern-events-calendar-lite/assets/packages/owl-carousel/owl.carousel.min.js?ver=5.20.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:47 GMT
server: nginx
etag: W/"60da0b43-1ad6a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfe55942cc8ab69ff940752c6a4269ff2f
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vue.min.js Show response
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/ 91 KB
34 KB 427ms
417ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/vue.min.js?ver=2.6.11
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/js/vue.min.js?ver=2.6.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:36 GMT
server: nginx
etag: W/"6057cc18-16de6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMff374b9edd63861fec28a89c1d9d06161
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-menu-public-script.js Show response
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/ 43 KB
10 KB 426ms
417ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/jet-menu-public-script.js?ver=2.0.9
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 238665a4e9c6f3e6fd4c936f560856580b5f30d2aaf8e508d07a2f56a0516fc1

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/js/jet-menu-public-script.js?ver=2.0.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:36 GMT
server: nginx
etag: W/"6057cc18-ab29"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf4a408b6a68b774cce24c3ab3b7138ed9
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
www.guardicore.com/wp-includes/js/ 1 KB
1 KB 426ms
417ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/wp-embed.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-592"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf749886ec0994be23c6712779522f89ea
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagesloaded.min.js Show response
www.guardicore.com/wp-includes/js/ 5 KB
2 KB 426ms
417ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

:path: /wp-includes/js/imagesloaded.min.js?ver=4.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-15fd"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf3f094f769b073361c9a279295e074129
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webpack-pro.runtime.min.js Show response
www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 426ms
418ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 52adbaf8b7004e3e0ef2b06be5492748eeef0bdfbc2d91b4aa3aa7ddd7028703

Request headers

:path: /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-1556"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf0234e3edb2f9144a9481f36a71284c5d
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webpack.runtime.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 425ms
418ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b5641645c15c48b3ff5ce52e718563e1d04d18492e552eb126862768327e2855

Request headers

:path: /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-12a1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMff7e02aaf805a2876bafa714fa03c6b68
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-modules.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/js/ 63 KB
22 KB 425ms
418ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d8e1bb6afaee4a9709470e6bc6712a4288aab63eff4a430e75935d0095648bb6

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-fd92"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMff11b74089aab1aa6ed8895ed9a08890e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.sticky.min.js Show response
www.guardicore.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
2 KB 425ms
418ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Request headers

:path: /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-19c3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd5dd5b5c8260fa6241d78ea3083e31c2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/ 58 KB
16 KB 425ms
418ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 785c1179e9138a30fccbcd502d81ad2920049a12fd3d83fae433052e9be4c62f

Request headers

:path: /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-e60d"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf1f3e8b9fc0de9507be5dd95c4135b41f
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 waypoints.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 425ms
419ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

:path: /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-2fa6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf7b84686be03b0d06cfa0fa17b02ed413
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
35 KB 425ms
419ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

:path: /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-21f91"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf1201b4ea3dfb2a7ecc9b968f5dcbf909
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 share-link.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 425ms
419ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

:path: /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-a12"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfa53e18eba37a6f5036aaa47e660d302f
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dialog.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/lib/dialog/ 11 KB
4 KB 425ms
419ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

:path: /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-2a6f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfbee9ea3c5c3fec5a5e4d19080d759635
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/js/ 66 KB
20 KB 425ms
420ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 17f076500dca787c42b1dd6238ce50a0752771eafd040e8512c713a7ec947c65

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-1086a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf4eab3509279864b6460acef12e12f016
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 preloaded-elements-handlers.min.js Show response
www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/ 160 KB
39 KB 425ms
420ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 897ebbdf379aeb2c751275f083d298f15b094902c6bd6a66405ffb0604c64124

Request headers

:path: /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:40 GMT
server: nginx
etag: W/"60da0b3c-27e8a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf84a5bbaa5346ffc1946b599353a8ecbb
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-blocks.min.js Show response
www.guardicore.com/wp-content/plugins/jet-blocks/assets/js/ 17 KB
6 KB 425ms
420ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.2.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 32724c08701fcb0bb65c489c06718dca25268bc15b53bf0df19f89fbf8dd2676

Request headers

:path: /wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.2.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:24 GMT
server: nginx
etag: W/"6057cc0c-450b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf86b83717d1bf2e248fafa6e42671b48c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-elements.min.js Show response
www.guardicore.com/wp-content/plugins/jet-elements/assets/js/ 63 KB
22 KB 425ms
420ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.5.8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4604fb3649c76594567706713285dd8be0c3538a2c3b0edfd49d74c9f5147972

Request headers

:path: /wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 17:47:43 GMT
server: nginx
etag: W/"60da0b3f-fdc0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfeed25eeb659dba86edc1e1832687f1d5
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-menu-widgets-scripts.js Show response
www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/ 11 KB
4 KB 425ms
421ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/jet-menu-widgets-scripts.js?ver=2.0.9
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3a7ddd6363de195ad182e5e26cdc0addd8ad09e6deba53fcd22831f9cb28803

Request headers

:path: /wp-content/plugins/jet-menu/assets/public/js/jet-menu-widgets-scripts.js?ver=2.0.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:43:36 GMT
server: nginx
etag: W/"6057cc18-2c61"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd7a3a9ffcd8c5ace5db17d9810c491f3
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 popperjs.js Show response
www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/ 18 KB
7 KB 425ms
421ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dd1617feba063690e3bf1621308e1af67c6cabcdb2602e5a1df3a14b02b94d05

Request headers

:path: /wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 15:22:22 GMT
server: nginx
etag: W/"60ad162e-487a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfa87f7265b3075ade162f00eca7dab0b9
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tippy-bundle.js Show response
www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/ 76 KB
19 KB 425ms
421ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ea8db732b0c05833c674be800e81bf8dc72919a00feafde206c1f6001d1c6bcf

Request headers

:path: /wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 15:22:22 GMT
server: nginx
etag: W/"60ad162e-13099"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf346e05118fe1c8c98d7c95cff9c6d4dc
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-tricks-frontend.js Show response
www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/ 21 KB
5 KB 425ms
421ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.3.7
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 552816c0181f22f4dc11728b99d077587e09299d57ecc9539a95233ba59d2b51

Request headers

:path: /wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.3.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 15:22:22 GMT
server: nginx
etag: W/"60ad162e-5499"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf2dd420c1cb58351543650a67d8a8d79e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 preloaded-modules.min.js Show response
www.guardicore.com/wp-content/plugins/elementor/assets/js/ 57 KB
17 KB 425ms
421ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d882dbd828af87ed3434862bf608a2dee6d347817ae547421c9b2051ce29a905

Request headers

:path: /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: W/"60d0bd23-e2e0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfeb5e42e3dd819942867a5c3f1004579f
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 underscore.min.js Show response
www.guardicore.com/wp-includes/js/ 16 KB
6 KB 565ms
561ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:17:18 GMT
server: nginx
etag: W/"6078d78e-3ead"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfa06ed95cdbe490dcb066b97254588b5d
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-util.min.js Show response
www.guardicore.com/wp-includes/js/ 1 KB
892 B 565ms
562ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-includes/js/wp-util.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589

Request headers

:path: /wp-includes/js/wp-util.min.js?ver=b5e5bcb39b7f9f3feb0d0ea77dd35c89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 22:42:24 GMT
server: nginx
etag: W/"6057cbd0-435"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfcbd9ef04b404187a6f05eb0fb527777b
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jet-search.js Show response
www.guardicore.com/wp-content/plugins/jet-search/assets/js/ 13 KB
3 KB 565ms
562ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-search/assets/js/jet-search.js?ver=2.1.12
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ef5778f747401ce5abeaa4accff79fa721b062dd375572c06e185e9f49130746

Request headers

:path: /wp-content/plugins/jet-search/assets/js/jet-search.js?ver=2.1.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:08 GMT
server: nginx
etag: W/"60d0bd28-33e2"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfc5acf035c5fd44ccacc6447d32aa21a0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.js Show response
www.guardicore.com/wp-content/plugins/jet-engine/assets/js/ 37 KB
8 KB 565ms
562ms Script
application/javascript 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/jet-engine/assets/js/frontend.js?ver=2.8.5
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 23ad59d8614ad388eb5341dd0b4db738694d4eb9d18ddf4bd057e18f665c0f1a

Request headers

:path: /wp-content/plugins/jet-engine/assets/js/frontend.js?ver=2.8.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 16:24:06 GMT
server: nginx
etag: W/"60d0bd26-9547"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf258d979107a19518212e41c3a24b92c4
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
466 B 413ms
112ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RatIl3pn08K%2F5DzJ5KASdGGU4H2D7kBZP0dujYrq%2Bx1kz8Ddkq23rcRx%2FAOm%2BcW3LWI3CBTjHNQL2dkrpU9m8vY7BHEe%2BVpoGhP4j%2B7Htgz%2F3Up49dlRvdBNqgIsFL3DhnUdmUQWm96ayf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f21955d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 23 KB
8 KB 473ms
7ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

da1b60970149580c709bbc357622d24e7029d658e852e74ef1d861ffb22ad219

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 7764
Pragma: no-cache
Last-Modified: Wed, 17 Mar 2021 01:04:50 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "605155b2-5d6b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Mon, 05 Jul 2021 13:24:29 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
434 B 684ms
383ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=feUgAHAsOzFTkdPpc5odntaXCDpw2v6X6PJ9rDc6%2BHLEO3cSlRGxsVaknWE63P50mO0oqZ24fcJTppNUNULXKdfKibPJnd4KxhXbfFea02OFt14nQdTR0LkSoDvzp40kVaYsY7v%2F7WWSdrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f21956d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
437 B 689ms
389ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XzLQsI8Te6ImauEhPkCdt60jaqhWfqdFRVtIoKy4IPhD%2BSRw1JJOxD3kFrswKlD%2B1QG4STtT3vtvWhEeCBz9lHpWAKQF2W%2BXKyTSEpjuCAAjS5s4DAR6B2GYL9D9FsrUJyt7CKiioaDsdkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f21958d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
61 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c6e8d172c625037f0bef75c2efd2932f818236edd250baab7ab9c045a038886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61972
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jul 2021 13:24:28 GMT

GET
H/1.0 200
OK Cookie set 29ntk8 Show response
go.guardicore.com/l/503441/2019-11-13/ Frame 81F3 7 KB
3 KB 603ms
323ms Document
text/html 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: f6ea484d6d98cf40416aa534105ecefa98b468463f86f63321d4ff473f266ebe

Request headers

Host: go.guardicore.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.guardicore.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guardicore.com/

Response headers

Date: Mon, 05 Jul 2021 13:24:29 GMT
Set-Cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitor_id503441=427873014; expires=Wed, 24-Aug-2022 13:24:29 GMT; Max-Age=35856000; path=/; secure; SameSite=None visitor_id503441-hash=554ffdde6da78c89ce9862794705e27b148c38d19b349650a56429c63fddd3d8504f4a208589304e8e88a1f47ed9740eacc29532; expires=Wed, 24-Aug-2022 13:24:29 GMT; Max-Age=35856000; path=/; secure; SameSite=None
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Pardot-Rsp: 16/124/146
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2381
Content-Type: text/html; charset=utf-8
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
Server: PardotServer
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
Connection: keep-alive

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
443 B 421ms
120ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0Kcxnav2r3SyGqCRfAtKlCqVJ%2FfutFOXipkXAV05%2BD68PBn1vAR2nyd9hc62mf%2BRUvT3CWPn5VO4G3loaioCyBL96deC%2FUhZv%2FK%2BI987KJ4CJyPqAB2BVViRjVTCqPGVVG%2FmiJwlVO9DhZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f22971d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 422ms
121ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kYrnCJhgpWjhgF%2B%2BvewJmKupbTXkqf57JFdLz2XstFo1kLFgNtU81vUCupPjY8wLw0U3awmPEpKQ8sElv%2BbQy7bQ1l%2Bk6z9C06NEhw2PTZcKS7VI7c5ch23tIQxkqVjr44M1Ol3KXg62CeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f22975d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 Indexsinas-Labs-Blog-Header-1920x450px.jpg
www.guardicore.com/wp-content/uploads/ 142 KB
142 KB 157ms
157ms Image
image/jpeg 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/Indexsinas-Labs-Blog-Header-1920x450px.jpg
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5be724742b18d242a2532bded133564f8d8327b2ff622c4073f8a213cc67b16

Request headers

:path: /wp-content/uploads/Indexsinas-Labs-Blog-Header-1920x450px.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
last-modified: Tue, 29 Jun 2021 12:15:22 GMT
server: nginx
etag: "60db0eda-236fb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 145147
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfbdef32f0169bf48fe9f16e86af669131
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Vector-5.svg
www.guardicore.com/wp-content/uploads/ 539 B
619 B 156ms
156ms Image
image/svg+xml 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/Vector-5.svg
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 55d372262d6c1aca75034d99cb49419689270ff74765adf77ed15ded9ece52fe

Request headers

:path: /wp-content/uploads/Vector-5.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 23:02:59 GMT
server: nginx
etag: W/"6057d0a3-21b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMffc0923615dfa42fdbfa21d4ea7a4a84e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Graphik-Semibold.woff2
www.guardicore.com/wp-content/uploads/ 42 KB
42 KB 157ms
157ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/Graphik-Semibold.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88c7b96dcdb3c0c4d52f8dcfdc11b012497f5f4d2c31bcdd9ac429050d60c4a1

Request headers

:path: /wp-content/uploads/Graphik-Semibold.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
last-modified: Sun, 21 Mar 2021 22:48:32 GMT
server: nginx
etag: "6057cd40-a608"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 42504
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf4fcb57eb5b7daf2ecec9aca98c9a862e
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 78 KB
79 KB 157ms
157ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: "60d0bd23-139ac"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 80300
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfed8c7decb9f792b3800645d5691afdaf
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Graphik-Bold.woff2
www.guardicore.com/wp-content/uploads/ 41 KB
42 KB 159ms
158ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/uploads/Graphik-Bold.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5e13437dee929c20638ff3b3be2c584b73ecdf3188cdaa5215a498b855240789

Request headers

:path: /wp-content/uploads/Graphik-Bold.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/wp-content/uploads/elementor/css/post-55514.css?ver=1624902517
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
last-modified: Sun, 21 Mar 2021 22:55:21 GMT
server: nginx
etag: "6057ced9-a578"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 42360
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfd24138e8e90cd1fd9ef5a11fc7f60de3
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-brands-400.woff2
www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 77 KB
77 KB 158ms
157ms Font
application/font-woff2 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
pragma: no-cache
origin: https://www.guardicore.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.guardicore.com
referer: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.guardicore.com
Referer: https://www.guardicore.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:28 GMT
last-modified: Mon, 21 Jun 2021 16:24:03 GMT
server: nginx
etag: "60d0bd23-1327c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 78460
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf43fa16e2c98de72bb8a51867f56b038b
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JB41vmcC4ixUuR5dsrXKpe Show response
whimsical.com/embed/ Frame 67B9 12 KB
5 KB 419ms
386ms Document
text/html 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-2.fra2.r.cloudfront.net

Software

Resource Hash

288960b7f569d9400fcee66853782b5c32613018935c0571e411237ba32b861f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: whimsical.com
:scheme: https
:path: /embed/JB41vmcC4ixUuR5dsrXKpe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guardicore.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guardicore.com/

Response headers

content-type: text/html
date: Mon, 05 Jul 2021 13:24:29 GMT
vary: Accept-Encoding
set-cookie: AWSALB=hjwTv5gaqDeWE4di++ZOJQSkIErVu6DTMRaC4fk0gcH/bn/emP0K8hpnsF3WN5d20NBW9+RjXIVOtBQQU/QBu3Zzog87p6/0W4TnQzOlrqW0qxfYnFMkbOERyNQG; Expires=Mon, 12 Jul 2021 13:24:29 GMT; Path=/ AWSALBCORS=hjwTv5gaqDeWE4di++ZOJQSkIErVu6DTMRaC4fk0gcH/bn/emP0K8hpnsF3WN5d20NBW9+RjXIVOtBQQU/QBu3Zzog87p6/0W4TnQzOlrqW0qxfYnFMkbOERyNQG; Expires=Mon, 12 Jul 2021 13:24:29 GMT; Path=/; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: interest-cohort=()
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: hJyhaSOd1XkPtBhci0pZt1uOOxjv8FTHkVPJHR8iDtpK-2X6jeLDzw==

GET
H2 200 Guardicore-Logo-2C-Purple-White-RGB-1024x411.png
www.guardicore.com/wp-content/uploads/ 29 KB
29 KB 158ms
156ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/Guardicore-Logo-2C-Purple-White-RGB-1024x411.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3c905981a0c3eb45cb3aa610f847bc3fc70a126acff5fc79c9d4d78dea3ee7ce

Request headers

:path: /wp-content/uploads/Guardicore-Logo-2C-Purple-White-RGB-1024x411.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
last-modified: Mon, 07 Jun 2021 21:05:46 GMT
server: nginx
etag: "60be8a2a-7317"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 29463
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf4222cce8129cfa2ff84218e2d13eb3a8
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
442 B 694ms
394ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mmMQQUB8EPOgdGtwEAuEpiDoMwJ%2FFdXhcNSbc%2F1PY%2BZRLTkeCqbe3tVMH0XqzvzKYfVTXCNqmj1qDCCE2CFx%2BcLBTYaMYWvx8kZxl48hdhOLHWZdiPXec2y10G8nU9xiU1LxBfE%2BDw0HPkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f2fb16d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 f95ee8c4fc857b3c70e477ed7fe99ca2
secure.gravatar.com/avatar/ 1 KB
2 KB 336ms
5ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f95ee8c4fc857b3c70e477ed7fe99ca2?s=96&d=mm&r=g
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 05 Jul 2021 13:24:29 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f95ee8c4fc857b3c70e477ed7fe99ca2.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/f95ee8c4fc857b3c70e477ed7fe99ca2?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Mon, 05 Jul 2021 13:29:29 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
442 B 409ms
109ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6VreD%2FmabVgY1tIIid5tkuWXsaATMbS%2BDzs%2F2LpmfvyIFNkF%2B2uojYRCIWcBNhRZ4pMK%2F6CwUqwlOE%2BZZRKUC7t9ockS0RXfRau7luU50IMaOa7pUbd3bu9JJDhyacTLY2%2FozaXWSOYgALQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f2fb18d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 c6df2c91220bf7941cbdc4fb85156241
secure.gravatar.com/avatar/ 1 KB
2 KB 335ms
5ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c6df2c91220bf7941cbdc4fb85156241?s=96&d=mm&r=g
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 05 Jul 2021 13:24:29 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c6df2c91220bf7941cbdc4fb85156241.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/c6df2c91220bf7941cbdc4fb85156241?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Mon, 05 Jul 2021 13:29:29 GMT

GET
H2 200 indexsinas-graph-1024x704.png
www.guardicore.com/wp-content/uploads/ 90 KB
91 KB 158ms
157ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/indexsinas-graph-1024x704.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ee3bf73c6c9ad57355c0ea3d028c8578295c733d1386e9a884f12ee3fa87f0c2

Request headers

:path: /wp-content/uploads/indexsinas-graph-1024x704.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
last-modified: Tue, 29 Jun 2021 16:18:21 GMT
server: nginx
etag: "60db47cd-16957"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 92503
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf45c40e681c933a45bf0e2bfc7f08d0b1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 indexsinas-map-1024x640.png
www.guardicore.com/wp-content/uploads/ 169 KB
170 KB 158ms
157ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/indexsinas-map-1024x640.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: be28a35c24df4d07890eb60a8dc916d76b648a012b33439a11df136d5b6bb3f6

Request headers

:path: /wp-content/uploads/indexsinas-map-1024x640.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
last-modified: Tue, 29 Jun 2021 16:19:39 GMT
server: nginx
etag: "60db481b-2a42b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 173099
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfb02b00c4fc7ac86d2f9d62257b7aaffd
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 im-op1-banner-1.png
www.guardicore.com/wp-content/uploads/ 63 KB
64 KB 159ms
158ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/im-op1-banner-1.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1a74087f01c6bf2309a2f5d7ddb8c2309f5fac988dccd6a72e283ef5eb70a347

Request headers

:path: /wp-content/uploads/im-op1-banner-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
last-modified: Sun, 21 Mar 2021 23:00:01 GMT
server: nginx
etag: "6057cff1-fd20"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 64800
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf3a62cb7916d7b996fcb6a91e7e99f4f3
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 threat-intelligence-banner-1.png
www.guardicore.com/wp-content/uploads/ 21 KB
22 KB 158ms
157ms Image
image/png 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guardicore.com/wp-content/uploads/threat-intelligence-banner-1.png
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.124.235.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b9a7bdede208dc634debc53edee3ab4c7412e97063bd350c4726fb7625b532f

Request headers

:path: /wp-content/uploads/threat-intelligence-banner-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
last-modified: Sun, 21 Mar 2021 23:02:01 GMT
server: nginx
etag: "6057d069-55e7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 21991
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMf8e478288dbe6b883d756fcad78b9ee26
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
793 B 717ms
416ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/wp-content/plugins/jet-menu/assets/public/js/vue.min.js?ver=2.6.11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mINjrVVsCCPtOkTwtfRzl%2B5qs5gtR1JQLeIbZUvL4HRx293J61W%2BOKLcHMSS%2FLj%2Fx743qoxZalmqIbLMyXqmhzQOHjcf7FGzlHeFmAgns7Ev0xbikAayzeSTLEcFthWEODQ2tZmD%2BFdIcPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f33b78d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 get-menu-items Show response
www.guardicore.com/wp-json/jet-menu-api/v1/ 11 KB
3 KB 357ms
357ms XHR
application/json 35.235.124.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guardicore.com/wp-json/jet-menu-api/v1/get-menu-items?menu_id=246&dev=false&lang=false

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.235.124.140 Los Angeles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

140.124.235.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e1549773d59ab2805e4db4ea0475b33a0e0295702d0f15c12107fc60e2caa99a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
:path: /wp-json/jet-menu-api/v1/get-menu-items?menu_id=246&dev=false&lang=false
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.guardicore.com
referer: https://www.guardicore.com/
:scheme: https
sec-fetch-site: same-origin
x-wp-nonce: 20df2d564c
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.guardicore.com/
X-Requested-With: XMLHttpRequest
X-WP-Nonce: 20df2d564c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
content-security-policy-report-only: frame-ancestors 'none'; default-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline'; style-src 'self' 'report-sample' 'unsafe-inline'; object-src 'none'; frame-src infectionmonkey.optimizeme.online; child-src 'none'; img-src 'self'; font-src 'self' *.gstatic.com; connect-src *.guardicore.com *.optimizeme.online; manifest-src 'none'; base-uri 'self'; form-action 'none'; media-src 'none'; prefetch-src 'none'; worker-src 'none'; report-uri https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-kinsta-cache: BYPASS
vary: Accept-Encoding Origin
x-xss-protection: 1; mode=block
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
referrer-policy: strict-origin
server: nginx
x-wp-nonce: 20df2d564c
x-frame-options: SAMEORIGIN
allow: GET
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
permissions-policy: geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
content-security-policy: upgrade-insecure-requests
x-robots-tag: noindex
link: <https://www.guardicore.com/wp-json/>; rel="https://api.w.org/"
x-edge-location-klb: 7T6a1sW2rXG586Q0acIULBMfed6e463c916936d0d7b8a9bf86fa7d01

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
443 B 706ms
405ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B838oM1huBnhLuP%2BMxiAoxxL4uHaTTz3onS63F10I1NLlHDHZ%2BI%2BxSs0mjjKS4w2Wak2dQ5k5%2F9xUSOnWxyYm%2Bevm5kzLRcc3VvRzLL%2FHBy8kJYbbj8Lbc87r5BsSbYDo8SXkE0ZuSXNIiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f50ee1d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
462 B 452ms
152ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3dp%2FXiNoCjfWSlydc6mH2%2BNLt%2FnRLsQK84y5YFAKAaOpHYUbw8i7RcizSeGLeXK4hqGlReTDRgLf%2F0nfHULrldqWaaALvLiDakhMhPW51ONcj9C3VWrRBkzbUoe8KAX5d%2Fuv0lpgLPpQY9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f50ee4d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
442 B 410ms
109ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nX0ayG86WQsWkD6ay6PnhYxpUb6LPx2tUc%2BZzHdpK2hHYXj6%2B1sD%2BNgSX8OxMBWPfmp803KTnF30TmlnLWqN6I%2B%2Fzwu0eJRZYNQICzSR6YY6gOAxDmDVjsGba%2FsudhGttWCH0d7qo608vTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f51f1fd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 1f44b.svg
s.w.org/images/core/emoji/13.0.1/svg/ 2 KB
987 B 21ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/1f44b.svg

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

1c8231e24838de4ad2d966d5cb48563a2a6e540a15848d337fa3c466d0730775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 05 Jul 2021 13:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
440 B 720ms
419ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53878132-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VHrIgtCNZqfuaL%2FLGdwf8SOA3FjEBpLM04ipN5k8MjSsplFmzkJXRI0gZpyaSA%2FPc%2BJyzB8tAnuqAzlMOX8XnwtZGw61hPx0HvwVkLmimTpxCMvyIpPVvW9bx5LT6FYrNkIBzdGlISYJYFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f53f4dd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53878132-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5909
date: Mon, 05 Jul 2021 11:46:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 05 Jul 2021 13:46:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
461 B 671ms
370ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NSMUqUhSZgkyp%2FK0VWpzbYDBVBxyLKYUqcBeIogU8wd1gaPdCqs2U%2FIquZsDVx54%2BwGQChrmWMv8XJhUWCuwkblQh8ETO1mnM4qcATK2WoRAczD2kOogVeHB61s7WLqVr6lj5rJmqY23nIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f54f6ad729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 25ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=33807
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 416ms
116ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nThsJtUAnLBvcQ3FWtKi8bVo%2B47LsJh44NU9cve%2B4xjf1PkZQQ%2FkzRyhQosEuZGwVpDu11jV2b76k2qHw1Yg1qgchvKJSh%2BUB3jRjG9mKVzHw80djzzDZfcqY4ahxTNLBirpmdduUfwzF5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f54f70d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
439 B 687ms
386ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BT1Z8b3v%2B2iwlJATbXHLW12b6ZnKS6A%2FItPYzjbmOTrz4TRfRocjcGeAuJEAxHZfcWUuP%2BMU6cwqYaHSmRqAF%2BYLyv7OO82P5MAj1aq1alSiGW5wxlAsKX2Q5VHfZaXSoIwcfbWCx0q4BX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f54f76d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 37ms
17ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 1690124483490796579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 13:24:29 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
435 B 420ms
119ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nYv2QMmqs262MUDw3VFoY0ZZsSmjejqVyJQJGv2d3fRWVF64Rm%2F0TARoZLgaZIPbQ4IBqqbdHQxWQAwW2nHGgqol8MZARDO5GDZboKoy1lb1X3FJlvPt0H2cAhee%2BelS1Fqc38P8rwVrpP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f54f7bd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 hotjar-956284.js Show response
static.hotjar.com/c/ 4 KB
2 KB 36ms
36ms Script
application/javascript 13.225.87.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-956284.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-62.fra2.r.cloudfront.net

Software

Resource Hash

8022e9b8ff20c746eb0f1c29881c77b72e6a190a9fa7dbef7d3106ee473e60ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/f3cd1d15cc826431f6923bdb256d7d96
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1895
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-id: 5qb5cSXSdTLCQJAKXYXL00GXvK7zJiaMp-KuKcLdbxK-YEoALIV1Vg==

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
444 B 816ms
516ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rgAsMMQZ06AYd0XdHUxbYETxWrynslxh%2BdMy84AHCCihC%2F6APoqDgCQzH6fe%2BXK2mIOHoXBdBKJDbQ65AV%2BF3hpGNtm1Ckqw3ylzmrLqCACgPdlS%2FYNZo%2Fsq%2FLwdnWkxRgEjwBYTN0fRiOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f54f83d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 47ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: 02129995AED248329C51F2DCB0A8EBEA Ref B: FRAEDGE1210 Ref C: 2021-07-05T13:24:29Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
440 B 672ms
372ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fnjMuGJBBHa%2BHbjEl6rFEKL%2FZIH59PyLcN8snUj%2FCfDs2yY4Rr5G9RmVivJUqoqEam33FXsbus51iNfnFtYEBXpviAdnBkCNMkbh%2Fq7NyGwhvFWkT0u5nLtdNEsqLbqja2NmcYrq%2BtAivqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f55f88d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 24ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
via: 1.1 varnish
last-modified: Fri, 02 Jul 2021 22:49:15 GMT
age: 9139
etag: "cf581d46c3059bf617cb7f732c21a59e+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1625491469.369958,VS0,VE0
x-served-by: cache-hhn11551-HHN

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
439 B 700ms
399ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: t.co
URL: https://t.co/oHdkaebuMi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jqDE6yhPYJMaLigzLPnO4f5i%2FDRUwvV9YOdI%2Fklanf1OCRY9jVYXBVW1YUC5HFes3%2FcftG54ZhgeaNc8G7KwgcBGkY%2BlIYX13CdPdLWaCz5pI4aYB4Fef6B7lxhSGjWnJ4cF7jewd1PRhTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f55f93d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
25 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/oHdkaebuMi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: HCeCGhjSC56jUhaq33ze/wC4SyzRyZJ6gqmabjVyxU8njR1eH+WC7Nw2GzFzpDLSD4gEYHauQLLS++zLA9YWpQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Mon, 05 Jul 2021 13:24:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 705ms
404ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BXMHWRsXT3NYcJbL6tVzSRzDkyIhO%2FmIkgl279l4dDSvtamxz6sRL9kcQSNDAaT%2Fl6eI1hSyhCnKRqtbQ0nDjkHs7I0Z7pt9RHZ99PYE5ionyQtLffM%2FYG69ilhLpIcCVd4kOoyvEzhWjr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f56facd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
374 B 23ms
7ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f641a694d9ed21d05acc0245f2e17d0d249313485e1cbc53587eec1d129f02ca

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:29 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.guardicore.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
435 B 806ms
505ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hey53RV8TnzFOlQQbTD8rMU1%2B3OX8hudcOd2FDsZ8z1w6jh4TJtQ0x7Iv9iag3kJ9647sD677544BH23j9qU5LhwF38zL7aDUNQkjXdUy0ChIrsH%2Be91GDwBoXEM7rsZ3oDnJtGsHVipbJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f56faed729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 196ms
179ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=ecb8e518-7949-40db-8126-f5c267ae41df&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A29%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:29 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 411ms
110ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9DBlz6uTucKocwJ4C7u2hABnW3hy%2FsxYQnAIZlEeDyL6MQbHJDjyodbX8WPtBLED0QzAx3jXnjw3U%2FbXnbfD%2FdRYeofnL6G2SuKFy6SrpMkQisLCBvHmbIKGMsnFYHajhOFA2kWIsLi8QnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f57fd5d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1205931766&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1807376336&gjid=577295900&cid=1892901077.1625491469&tid=UA-53878132-1&_gid=1278960002.1625491469&_r=1&gtm=2ou6u0&z=237438113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guardicore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
439 B 424ms
123ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IzuUzz7PE2ZG5HklvNg9E78vJDfp6GbJ1i4Trk9yLZO3dydyoacmny8NgoQ%2FQ%2BB8cdmQg1Wv3LM5mteyEueQYLaTaic9UmCyTWTAEsv5B169EvIN%2FAB0iIqJHCqRoBmyO1cLt7M%2FMo%2Bmm0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f58ff0d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-53878132-1&cid=1892901077.1625491469&jid=68089823&gjid=633542635&_gid=1278960002.1625491469&_u=YGDAgUABAAAAAG~&z=958942257

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 05 Jul 2021 13:24:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.guardicore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
789 B 689ms
388ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t1cYCiI9h3o8QeZMdk%2B%2FLKmQ%2FtMzz4mt6xasxuiME2nPnSZKlk6Yath3TxuxWjaHHTzF5OKHfpufdswZo7gWu0Iamwm4ihl2nDFF1scn6CVfuc%2BACj2HgffZ5Yg5nvQqORsV9xoVSfrp1TA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f58ffdd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1205931766&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAAAAC~&jid=68089823&gjid=633542635&cid=1892901077.1625491469&tid=UA-53878132-1&_gid=1278960002.1625491469&gtm=2wg6u0WDRGX6B&z=41981720

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jul 2021 23:57:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48420
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
443 B 427ms
127ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Wnd%2Bi8mCdWVwh83F6yXidH6M%2BDZqQ%2Bjvw4laXdUosVx%2FlDiDbnN4S%2BS%2FyDRBB5Adb6EF51SE1mvY9HweVi8qlvmH50Urz54JQkuX%2Bo6aydM9YQquA6ikQOVvyxcflrvtMR8j6IdBvLJ6PnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5b839d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
15ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-53878132-1&cid=1892901077.1625491469&jid=1807376336&gjid=577295900&_gid=1278960002.1625491469&_u=YEBAAUAAAAAAAC~&z=1068417772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 05 Jul 2021 13:24:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.guardicore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
445 B 694ms
392ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bcFOs4%2BJ%2BOEfL1Kt2MCyEX0s9D1QLNvsYXh1B8zmZC9jPkzzJ%2FfgJSXjtqxscxi%2B5eOOu3N4jHhrJXG%2BJHDp6dVbfd0E%2Fx6I0ZogRJV%2F%2B76kPSUXeWuYU1unXJOygNc06vg0UXobjnq3zzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5c857d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-53878132-1&cid=1892901077.1625491469&jid=68089823&_u=YGDAgUABAAAAAG~&z=486243072

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
435 B 700ms
399ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2mOCQ9nZF7sh%2BtSwzSCGC1ifOUVDLBJTRAYklhME2vpaQcYt0vBaRNQHPHK499qApsUcMx6nhQAAbusuMaJd8zv6vaNzKD%2FCOCWm0UrqfY8N1lpns5GlhQAgkkPlJSakegzmkxMvqWiGV1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5c85ad729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-53878132-1&cid=1892901077.1625491469&jid=68089823&_u=YGDAgUABAAAAAG~&z=486243072

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
439 B 412ms
112ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oeqx8NKVZstsUDmWee9jkzc4tXBF7mn67b50tGfrXI3z9gZEFRVJJ6ZM9eWtGagVyGF%2BR%2Faz4D1ZKekwq7ecG0YpGPz6BlO2noWk4oEsxXulTZ3vfqJi%2BB19Xa%2FEt03V7Bn%2BRnTpimVoeOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5c85bd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491469419&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D265698%26time%3D1625491469419%26url%3Dhttps%253A%252F%252Fwww.guardicore.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491469419&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491469419&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true&e_ipv6=AQIX9d_qB47tZgAAAXp213jipSQaTr5...

0
39 B

384ms
187ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491469419&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true&e_ipv6=AQIX9d_qB47tZgAAAXp213jipSQaTr5Pjdk1l_yZtIsKVRddOY8jfM40tmyV6xgMp340RqAA
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:31 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: heDab+HnjhZg1Mow8CoAAA==

Redirect headers

date: Mon, 05 Jul 2021 13:24:30 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491469419&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&liSync=true&e_ipv6=AQIX9d_qB47tZgAAAXp213jipSQaTr5Pjdk1l_yZtIsKVRddOY8jfM40tmyV6xgMp340RqAA
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: ThpbVuHnjhbQlxSm3SoAAA==

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
441 B 740ms
440ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pt268IQxYuhFQBw1GFW%2FP4cRtu%2BIU465RmPe31C%2BKFZv8hbhOwLftT9X6UrVdz%2BPhvtRhqJCiNz0bS5GKsQCkG0p0gG1zu6eV%2B7MJiqR9BCmKtZPYTtrnwAmvOU0qQA2Xj0E91L27VUg%2BcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5e8a4d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 260002655494040 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 62ms
60ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/260002655494040?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c87e155f6dd4a48a9c96082e28afe41af493426dcfa72f2bb64a9d48d750e5e5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: zKEc4Sjwmy3SMuvy4cY3g4kWKFgV+3bEVGwaJvPCY5GfEyI7rz/mUvwpIhRCAHHhgmLzUqA2JaItL81nvVIHvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 05 Jul 2021 13:24:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
789 B 452ms
151ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RjlGsGoSDyw%2BkZBMuTehNvB3jqyKcFB7OlPVpHeMo8wcwAhyjxOc3IfgN7q7ixrxSzkuLJHt6gBR1MP5JmHL6nPEwq4PVrH1gzTIwkT6E5xx10r3OXzVqrpKjR2wABeQG5UDxJ9eN3nzDGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5e8a5d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 modules.6707e94afd136d068134.js Show response
script.hotjar.com/ 219 KB
58 KB 8ms
7ms Script
application/javascript 13.224.193.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6707e94afd136d068134.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-38.fra2.r.cloudfront.net

Software

Resource Hash

147bbc69ada02cdca64ad72a0159564a5a2643efa09602f7f014459175d6823e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 12:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3504
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59137
access-control-allow-origin: *
last-modified: Mon, 05 Jul 2021 12:25:45 GMT
etag: "bbcd672a21d2eac288769d4e100c556a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 8buKran1rgS2N8PcdlrDFt8UYhXGZB-ChT-Rk-nqeNcSnnhYqJkH7A==

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
439 B 760ms
460ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1oe2%2FVilX0jhkh7M3C11rYX0O1YdMAm%2FFkHFCHIwoUovITtN84BeSU7HXIKRs%2F419mMax46tn%2BiiKTVAHsNBVnBNLU%2BmRM1CFdwqnPqbYhHdtj7PrZi52BuDP17Kq4DDjDoz78NWS1rSPds%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5e8a6d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/ 2 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/?random=1625491469430&cv=9&fst=1625491469430&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&ref=https%3A%2F%2Ft.co%2F&tiba=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d351cb9b4cba836f7ab1512f309a479009964a4c5a56a0a5ae2695bb7b76ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
442 B 709ms
409ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2rgvryX9hPoo%2BL%2FXUUQ%2Bf6CRR4FCm%2BRZx4Ti1CF2xk7K4bEhLKkQmaCfmGlXSMVbwnBf0Syjoo6c2uskVXwkICn775EtmUeBnuO%2F3EQB656cZj7v%2FgOA7Gc5nf4ff6H7mqkKoXbaTUDLOS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5e8a8d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 adsct
t.co/i/ 43 B
360 B 110ms
110ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o0jty&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 05 Jul 2021 13:24:29 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 316300f2c085cc5d29a9bda369cbcd20ed4f766085aa3f8bc45f557a3bef7183
x-transaction: acdff58d47e76cfd
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
439 B 709ms
408ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0ZPbBbT3Jf2O%2F6mC3ly8fQPdeauh%2F7%2Fo6jePcZJAaAeLOBe9DCFJMsOXNoiE5MzBKRN5RQPPzwaEttPlz4sS2fD3OmYz7aBPzUG8pIn9hPsFvpLKUO%2BOt%2BY3UkAYrzexh8wOnaAQEU4ScAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5f8bbd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 204 25022092.js Show response
bat.bing.com/p/action/ 0
126 B 31ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25022092.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Jul 2021 13:24:29 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 2E97B125900342E293903FDD91FF25E2 Ref B: FRAEDGE1210 Ref C: 2021-07-05T13:24:29Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
463 B 690ms
390ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Darha5dS%2FEex5%2BV33r07hwLOQXCAifyjb%2Birn3eY6VA0rS%2BJLr1mMOr%2FdCRJ3t0TPZ30XmSvzJ5ZAZ63fweE4GA7w7FyVr52PChY1X9pcPYuTwtNyvloxVm0z3SGqM3qu6%2BHiY3t2G8FJig%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f5f8c9d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 204 0
bat.bing.com/action/ 0
150 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25022092&tm=gtm001&Ver=2&mid=8afb1ae6-a404-4693-b8a7-ca55501e17a4&sid=53b9eb40dd9411eb83c18dc46dd8be7f&vid=53ba0900dd9411eb8fc98de70c856af7&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&p=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&r=https%3A%2F%2Ft.co%2F&lt=1874&evt=pageLoad&msclkid=N&sv=1&rn=329117
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 05 Jul 2021 13:24:29 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 9DBABB06F6B34E6CADEB95E3E2353566 Ref B: FRAEDGE1210 Ref C: 2021-07-05T13:24:29Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
436 B 410ms
110ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HjzGofvDkGpYz4AdQWSyWH5Yk1p3ZMkxJ9nH2pRxX0V0EFInbayuriGorROImY%2Bb1xm3k5jXBjgjRA6hejIWEfwpoGVGCBCOPUoxSNRIRK4vpPTU88N4tEd9NtPijpjATorEeBS19D9VcZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f608d8d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 37ms
35ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-53878132-1&cid=1892901077.1625491469&jid=1807376336&_u=YEBAAUAAAAAAAC~&z=1411971987

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
793 B 716ms
415ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EJXxMNTkTw6KGXtpdHkZDHB00jOVm%2BO6rHjUXF49ZwVhthXVjW1pJTY13yPv9B90yO3IOxC6a7vXuOX%2F27VsYw90%2BxaX1zNEnQRhpKD29Bvh6CvpGFklxtkpz62MtIqHvmPkwQaiTYDDhvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f608d9d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
49ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-53878132-1&cid=1892901077.1625491469&jid=1807376336&_u=YEBAAUAAAAAAAC~&z=1411971987

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 84B1 2 KB
1 KB 7ms
7ms Document
text/html 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-12.fra2.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guardicore.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guardicore.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kxeKvVKtnrtu8SgoQXiNTkP8Sowmt1E2AnjiEE-4Y0ARPLANw1CU3g==
age: 62446

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
440 B 686ms
386ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2RSpbh92Qm6boLn%2BMzU%2FD3E2LXs9u0aYNL22k9w3d5JyLJFk9VuRyXRm0YfYq5hspBlkex%2F41Oshe5AKBjaXHYqQpSDIXCF7PVpNBZ6N1SfibWmDaI8j0C4MxrITJyjrU%2FTyHa%2B6qWJM5Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f64962d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
460 B 701ms
400ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FgcL9mAyC0%2B3VwROBcKFnEZ6iEu%2F9e5vMxvhi1PIq0PZHVqn7upqrySMVYUkikMkeHvSCjgoFELGm2v9XBf274VyrIlfVZMMQhskiD1hFzLceIvXJcyKhe8pAI0LnA5uY9hV5gLucrM3BHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f6596cd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/814034752/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814034752/?random=1625491469430&cv=9&fst=1625490000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&ref=https%3A%2F%2Ft.co%2F&tiba=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&async=1&fmt=3&is_vtc=1&random=3701154295&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
466 B 411ms
110ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w8szfqPS6%2FsEOgD0TFuUgALNzDJY5wKGIbXXYW0%2BRmgEBGWbbH%2FUjAelMdCcC8bcFCq%2B6D4xaFuHv%2Fet9XXyBjdzdbhqhNXOX03TQqk5f1NWxGGV7UXvo6ylMldYQVTCMLrLCNp2qQq28BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f65970d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/814034752/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814034752/?random=1625491469430&cv=9&fst=1625490000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&ref=https%3A%2F%2Ft.co%2F&tiba=SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore&async=1&fmt=3&is_vtc=1&random=3701154295&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
446 B 696ms
396ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W0Lv%2F1kiYg3EhHjlzT8JpHmzXP0zGb%2Fo7PRd2tDVKLXNhf%2Bb%2FsZMa7VqQXsdW3RM11%2BRZORd7Ey1UL8OP6%2Bgv%2FDhM5vow%2BpuFgJhXCe2TaAMG3khpIaJomR79rRtZl5%2B1TvkJpIyODTvTRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9f6799fd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 22ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260002655494040&ev=PageView&dl=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1625491469525&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625491469524.536784650&it=1625491469426&coo=false&rqm=GET

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 05 Jul 2021 13:24:29 GMT

GET
H2 200 fonts_42240151fc53b9614c20ac9df402a866.css
whimsical.com/s/css/ Frame 67B9 2 KB
1022 B 14ms
13ms Stylesheet
text/css 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 916ab7aaacbc74895f204db9d9566e94a3cae718e01df6c3d8cc1e4c7e41426d

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: N1bQGZNH6pZHznuIyXc2xlNg8bUzVljJ
content-encoding: gzip
etag: W/"42240151fc53b9614c20ac9df402a866"
age: 5046
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 11:02:04 GMT
server: AmazonS3
date: Mon, 05 Jul 2021 12:01:18 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/css
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: SMPOiK_jjg9ojbY89N45X2Ac4M09Whis3LRz5OeCYoFHRe-36RnOhQ==

GET
H2 200 app_04d6ee80ec7ebdc8f7e2a0f54f22db71.css
whimsical.com/s/css/ Frame 67B9 11 KB
3 KB 13ms
12ms Stylesheet
text/css 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/s/css/app_04d6ee80ec7ebdc8f7e2a0f54f22db71.css
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdab6db4a2db88cc9799961049391621ff500a38e34763b8f7369062b5e48cbf

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YZg2RLbGWOAHvYBUKYRFPD08rYcSnYga
content-encoding: gzip
etag: W/"04d6ee80ec7ebdc8f7e2a0f54f22db71"
age: 1131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 02 Jul 2021 06:49:48 GMT
server: AmazonS3
date: Mon, 05 Jul 2021 13:06:16 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/css
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Xqw0-3COQZfiNiDyLLjQ0uKcjF_6WaU8MhbD0elVVfvG4d6PpRmP7Q==

GET
H2 200 shared_e3b634035309281f753f699e0720c655.js Show response
whimsical.com/s/app/ Frame 67B9 239 KB
46 KB 13ms
13ms Script
application/javascript 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/s/app/shared_e3b634035309281f753f699e0720c655.js
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab93e62292fdfe62091f56da4dc29d0be525f23d098219d92d164bcd41b426ac

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 05:01:34 GMT
content-encoding: gzip
age: 30176
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 604800
access-control-allow-origin: *
last-modified: Mon, 05 Jul 2021 04:36:33 GMT
server: AmazonS3
etag: W/"e3b634035309281f753f699e0720c655"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: v6W5x7ztrSkcjL5kjvdoAZADdFsS4IgE
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: Az6yYL71C0ik7LFUBrvpfedS7ojU-oKNZdGiTAN6exkIuG1h9Q6J8g==

GET
H2 200 main_cb23d744d201f95cb03966eac47f4bdb.js Show response
whimsical.com/s/app/ Frame 67B9 6 MB
2 MB 16ms
16ms Script
application/javascript 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/s/app/main_cb23d744d201f95cb03966eac47f4bdb.js
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb2f94d7ac787b539fe4f82203f813ff614d7434cca5c2ccb5fa12ae01aa1174

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 05:01:34 GMT
content-encoding: gzip
age: 30176
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 604800
access-control-allow-origin: *
last-modified: Mon, 05 Jul 2021 04:36:31 GMT
server: AmazonS3
etag: W/"cb23d744d201f95cb03966eac47f4bdb"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 9jTfsJWcC_nwIMWCc.6L2nZU_8Motrs9
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: H_-H2PUNYAHkKH_eLCCYi32WcMfeYS5nTGlAhh01tyCBEowtbhLF-w==

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ Frame 67B9 69 KB
19 KB 15ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1525751
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18862
cf-request-id: 0abd7f6d4d0000c2c719908000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PSFv10w04acJGPQpa3sz0%2Fq47DVtwoiy8IR74TGw5GO73eW3a1I4Xj4TlGzuF9%2FxDbxEwQi9IeHP2cuvbYds7LY66ZAO0otMn456SkjsC1LdCEXiStIvzCMULtTBo8oo3jAfv7axi%2FxG6TILpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66a0e9f5efa92c01-FRA
expires: Sat, 25 Jun 2022 13:24:29 GMT

GET
H2 200 mtiFontTrackingCode.js Show response
whimsical.com/fonts/ Frame 67B9 650 B
1 KB 33ms
33ms Script
application/javascript 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/mtiFontTrackingCode.js
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: XQUQKFTtWWII7qHAS9rDijPfk2Juq6Vx
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "32dd789522cc6923c80141fcf5d3a614"
age: 79913
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 650
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 15:12:37 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: A1vk9q_HMpm7qaXkmCQrEZlW-mbsvNaPG1Y0kFJliqnsFJV9tOuzUA==

GET
H2 200 1.css
fast.fonts.net/t/ Frame 67B9 0
408 B 57ms
34ms Stylesheet
text/css 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=7723b9c5-0291-47fe-9ba4-95bad24e01b3
Requested by: Host: t.co
URL: https://t.co/oHdkaebuMi
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
cf-cache-status: HIT
age: 170446
cf-ray: 66a0e9f64f712b65-FRA
content-length: 0
x-amz-id-2: IP15hFP3nTtX0y23aXg6uIKxMvIWP1YCNo5oKk3WvRAGgAvkZKibDBsM2c+WJk2LX6KfO1fu2ZU=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 8YX3PTQ1ZEANNXM1
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1519217722

GET
H/1.1 200
OK form.css
go.guardicore.com/css/ Frame 81F3 31 KB
8 KB 98ms
97ms Stylesheet
text/css 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.guardicore.com/css/form.css?ver=2020-10-19
Requested by: Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 338de273f529e717971d06587c95a880c0c4240b0cd24e79e14ac07a9522cd1d

Request headers

Referer: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:29 GMT
Content-Encoding: gzip
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
Last-Modified: Thu, 01 Jul 2021 05:18:57 GMT
Server: PardotServer
ETag: "7bd2-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 7657
Expires: Wed, 05 Jul 2023 13:24:29 GMT

GET
H/1.1 200
OK piUtils.js Show response
go.guardicore.com/js/ Frame 81F3 341 KB
99 KB 203ms
104ms Script
application/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.guardicore.com/js/piUtils.js?ver=2020-10-19
Requested by: Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 744d368a676dabf6be331840fdf74176a9ad7a784bf3920e3f640c9ed89fc43c

Request headers

Referer: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:30 GMT
Content-Encoding: gzip
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
Last-Modified: Thu, 01 Jul 2021 05:18:57 GMT
Server: PardotServer
ETag: "55586-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2023 13:24:30 GMT

GET
H2 200 gaconnector.js Show response
track.gaconnector.com/ Frame 81F3 8 KB
3 KB 313ms
98ms Script
text/plain 34.197.34.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/gaconnector.js
Requested by: Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.34.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
access-control-request-method: *
server: nginx/1.18.0
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
access-control-allow-headers: *
content-length: 3080
expires: Mon, 05 Jul 2021 14:24:30 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ Frame 81F3 219 KB
61 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Requested by

Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb61a62c56ef2a0d94bfa23bee794c03e807a36b0bd32b09deb5f35b80269eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61999
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jul 2021 13:24:30 GMT

GET
H2 200 / Show response
beacon-v2.helpscout.net/ Frame 67B9 293 B
619 B 25ms
8ms Script
application/javascript 13.224.193.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a69c0037019e6c8cec8652c2988389ce96a23dc737425822309d7e8eb9a17341

Request headers

Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:23:04 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 20:26:10 GMT
server: AmazonS3
age: 88
etag: "359d6434e62dc2be7a0d71d24c145b14"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cache-control: max-age=120, s-maxage=120, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 244
x-amz-cf-id: qdvcmqvswR9vYZOtRPx9UHyRwgl_FMPgNIytosf2OYtY3HanbaJAUA==

GET
H2 200 094b15e3-94bd-435b-a595-d40edfde661a.woff2
whimsical.com/fonts/ Frame 67B9 69 KB
69 KB 11ms
10ms Font
font/woff2 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/094b15e3-94bd-435b-a595-d40edfde661a.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f497512d1947b96e7f727d8bc1f357add3d996085532b6b809fd1f46a5926fb

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4a1YTXik4knC2kaJQiZ.o5c6N4V79jqC
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "94db95e9999925ba9473c77342875ced"
age: 1131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70444
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Mon, 05 Jul 2021 13:06:18 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: QAxpwA1bgxyCm8OLzEu2ZUoREsTC_sM0HEEjvux2cklMEQbvIVS7fw==

GET
H2 200 46251881-ffe9-4bfb-99c7-d6ce3bebaf3e.woff2
whimsical.com/fonts/ Frame 67B9 58 KB
59 KB 12ms
10ms Font
font/woff2 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/46251881-ffe9-4bfb-99c7-d6ce3bebaf3e.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb141079dc8a7d193c67b7cbc71e283ecded63f65db850b61f8652341a92c77e

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CX9fGU.5Ym6OT3fKpMDsGXNdpekcOMPY
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "78c41677940560c5b54869ecfe829ad7"
age: 29570
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59612
last-modified: Wed, 30 Jun 2021 02:36:50 GMT
server: AmazonS3
date: Mon, 05 Jul 2021 05:12:50 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: HjYBQzSD5vO3FDDCAeliI1SXZk4Uy533Y0OK9fu4wpESBgQtMItjIw==

GET
H2 200 7b29ae40-30ff-4f99-a2b9-cde88669fa2f.woff2
whimsical.com/fonts/ Frame 67B9 68 KB
69 KB 15ms
12ms Font
font/woff2 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/7b29ae40-30ff-4f99-a2b9-cde88669fa2f.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37533822750ebd172bd73e5d8df4e9bd685d75b770d0af06f03e1bbbe9b3ae5c

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FmZiBTVxB5mtRJM6CeuQt4cdLUWpCyGY
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "b4065770cb88ed7159c8192fb1efdc94"
age: 69730
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70064
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 18:02:20 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: SShMjLhqu6jbtuC64MiNMaWhgXeSyPkmHHC4kUJpLAx3tAUbk16Uyw==

GET
H2 200 c7717981-647d-4b76-8817-33062e42d11f.woff2
whimsical.com/fonts/ Frame 67B9 31 KB
31 KB 15ms
13ms Font
font/woff2 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/c7717981-647d-4b76-8817-33062e42d11f.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5c3c62c85d8821b972073ed49d7ede0cfac1a7d45d10781c23dae935ae69f49

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8X9SpkIHUjgl7DDNq6d8G9T33zv9MZdH
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "016291d031ed34462ba50ac8e19fd759"
age: 25260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31652
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Mon, 05 Jul 2021 06:25:29 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: zLsAJO0a1P1uMz-l1_g8iskEp0wxxv95QtoLhlcOB5HDGo_kfuSimA==

GET
H2 200 31704504-4671-47a6-a61e-397f07410d91.woff2
whimsical.com/fonts/ Frame 67B9 58 KB
59 KB 16ms
14ms Font
font/woff2 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/31704504-4671-47a6-a61e-397f07410d91.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee63601efc0a127a6eadcd9062a0e1622fcb1c705ab8b6499519148f8474fc39

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: C3N_HkXUf.svRO0NZrH1DB4TnfcVT7ZA
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "71d1cd74ac15e3df21589055cfb04989"
age: 28847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59636
last-modified: Wed, 30 Jun 2021 19:15:28 GMT
server: AmazonS3
date: Mon, 05 Jul 2021 05:29:05 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: poqK89bX7PwGWZmkV2JvcilnpgVMDxvd_IzEawrs6gjnDW_ZVt8l1Q==

GET
H2 200 4132c4c8-680c-4d6d-9251-a2da38503bbd.woff2
whimsical.com/fonts/ Frame 67B9 59 KB
60 KB 17ms
15ms Font
font/woff2 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/4132c4c8-680c-4d6d-9251-a2da38503bbd.woff2
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0be0dff23b790d714b6b7cc266fb5130a6260930ce52cfbc3e5b8f1c6cb45a5a

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4LJO0vB1v4x50wQ77rRydRgAdEdR8qRH
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "60ea8a138399e0f18bf9833c8ec5daaa"
age: 79328
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 60716
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 15:22:23 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 1-XBD_hMhH-2MZyCCWNJkdxnkYuEibI6dEjB25KoTMgmfiKsDwR6Qg==

GET
H2 200 PFDINMonoPro-Regular.woff
whimsical.com/fonts/ Frame 67B9 48 KB
49 KB 16ms
14ms Font
font/woff 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/PFDINMonoPro-Regular.woff
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4309fe7b036687b04b69f76218298f708159f674dad07c0581099035f5ca8050

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: XuBFzYvPlykGzHR3ArK6Mvm_ZRLtrjlm
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "0cbfde128d47301077b804f8dece57fc"
age: 79328
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 49212
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 15:22:23 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: xYfNGOAmEXsdIABREWC2sZxFbxH65rvt3H4ftUDiGVgTC-yGgYxOAA==

GET
H2 200 PFDINMonoPro-Italic.woff
whimsical.com/fonts/ Frame 67B9 54 KB
54 KB 17ms
16ms Font
font/woff 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/PFDINMonoPro-Italic.woff
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc0b32d7b2d078ebd0390050a25e4a9bcf32f1af1f2f6fa1555170c28d07fb84

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 16:05:55 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 76716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 54868
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
etag: "5f7c1c4b1d13ddafbaaf93b62fce6a50"
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: Z2HIH6NY8Kkfun_FojqgiEJqldehpf3d
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: font/woff
x-amz-cf-id: Tv6kkf1hHrIvB4jWU6E7TFpHCxaiPfkpPZ7i8CBLiubw_hhQFJK1Bg==

GET
H2 200 PFDINMonoPro-Bold.woff
whimsical.com/fonts/ Frame 67B9 48 KB
49 KB 18ms
17ms Font
font/woff 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/PFDINMonoPro-Bold.woff
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9583ce91f61e5d79c64e30b548bf546eb76a2b9f04a4f21831d8033dc275acc

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 16:38:14 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 74777
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 49316
last-modified: Fri, 02 Jul 2021 06:49:44 GMT
server: AmazonS3
etag: "9674197973ef6c189b598eaa9b47a407"
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: hAa0oQfwJnT5N6PTtLq3HdOVkb_jZgvm
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: font/woff
x-amz-cf-id: dYZc0II85oxkUdMmfJE5SLVOHpS8WvVrFfTYdRltKT7eX1Hlj3spUA==

GET
H2 200 PFDINMonoPro-BoldItalic.woff
whimsical.com/fonts/ Frame 67B9 54 KB
54 KB 19ms
18ms Font
font/woff 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/fonts/PFDINMonoPro-BoldItalic.woff
Requested by: Host: whimsical.com
URL: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: baa8cb02e0fce843c48ebfb75a646e4f84364e54a62fc308f1d112d98896e32b

Request headers

Origin: https://whimsical.com
Referer: https://whimsical.com/s/css/fonts_42240151fc53b9614c20ac9df402a866.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xbyeX8Q9zX6RGnmAoYCP0geQ.rrtfoAw
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "0e8dd5af3698c424e6cb9eb34ea7c091"
age: 28847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 55264
last-modified: Wed, 30 Jun 2021 19:15:28 GMT
server: AmazonS3
date: Mon, 05 Jul 2021 05:29:06 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: eudBYps7x4brwpFnRhRMwPmGiGsrLb-Cv-H4fPJmoXT0hZIqdCe9QA==

GET
H2 200 open-in-whimsical@2x_688af10572d02d60782fc501718f1d22.png
whimsical.com/s/images/ Frame 67B9 6 KB
6 KB 9ms
8ms Image
image/png 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whimsical.com/s/images/open-in-whimsical@2x_688af10572d02d60782fc501718f1d22.png
Requested by: Host: whimsical.com
URL: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92c8a3c1c84ff1c97503a7a63b3ff3a6d44af33b9d55f8cd278ee3dfe40e0565

Request headers

Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5t_k6k5lQpsgE_IOcXMC3ythPU.I.T2B
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag: "688af10572d02d60782fc501718f1d22"
age: 61126
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5728
last-modified: Fri, 02 Jul 2021 06:49:54 GMT
server: AmazonS3
date: Sun, 04 Jul 2021 20:25:44 GMT
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: yoRGpobO3Pg-2Z9x0Yubenz737I4u9w-Sje-l3FxgIg6BBgboqVeeA==

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
445 B 454ms
153ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=S3X%2FDvnF77VLRzmZYDbEj9QvZJ0w1H4M%2FFTN7tD%2BMzZeuNq8xZW2NOSpb%2FBwOfFYXGvbLY%2BfwSh%2FwxTU8UFfx7ygP6rQYUFONMNf80axm9t6P3sZHJjDL0GwLzI72VxZbssnqIXglKKTsgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9fc7ff9d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
6ms Ping
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary8yT33UUhezHXXMBE

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 05 Jul 2021 13:24:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.guardicore.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
438 B 437ms
137ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n298RP3m7ocUUvg3a4bI3Lw5D8D2oQYV32Xl2zSQSHFketSaBoQEv6fibR0Ysv%2FgWxLtsvyJ4KK%2BsnUplWZoSBW52l8oHEpq0Yb6M1vrL6IJwTqHlN%2F6YFkz41gMk9TsNB00SIpi%2BaA%2BiJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0e9fc7ffbd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 185ms
184ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=64bb1002e85500000d08e36034010000558e0200&session=ecb8e518-7949-40db-8126-f5c267ae41df&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A29%20GMT%22%2C%22timeSpent%22%3A%221142%22%2C%22totalTimeSpent%22%3A%221142%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:30 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 account.get-visitor-token Show response
whimsical.com/api/ Frame 67B9 109 B
725 B 403ms
403ms XHR
application/edn 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/api/account.get-visitor-token
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: /
Resource Hash: 6e26b189979d8e8a3130d629c20a29b827d9efb6d74061f962c5584c600263bd

Request headers

Accept: application/edn
Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
X: 256893730
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/edn

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:30 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/edn
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 109
x-amz-cf-id: OORcLMc0I1RjD9nc-ROxE95Gq3bA7AK6Ott99WCU5NwLqf2jzXADzg==
expires: 0

GET
H2 200 vendor.899a59ba.js Show response
beacon-v2.helpscout.net/static/js/ Frame 67B9 814 KB
199 KB 9ms
9ms Script
application/javascript 13.224.193.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/vendor.899a59ba.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba4dd4b5f97a58ad068d743dfdf7865ba3d7e4bff24379ca93ca634008c90a3e

Request headers

Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 12:03:52 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 20:26:10 GMT
server: AmazonS3
age: 4839
etag: "2222e44c8134901ae72782e44a0b603e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 203388
x-amz-cf-id: qqqdHvEKTUJ162J2DbcgevQD5RdpTxbNyphwVwl9-DxGmWe6y2vYnw==

GET
H2 200 main.b314c378.js Show response
beacon-v2.helpscout.net/static/js/ Frame 67B9 254 KB
64 KB 9ms
9ms Script
application/javascript 13.224.193.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/main.b314c378.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0621ccf15f4c0c81dfc958917e75a6ab9a6fbcdeef4d4cf2b034c4132d1ac929

Request headers

Referer: https://whimsical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:07:55 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 20:26:10 GMT
server: AmazonS3
age: 995
etag: "7d2f1fc4ea6e714e76ff2ad57e4e302f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 64821
x-amz-cf-id: SXIhPpxp7JKfWtjQTVmDYJgH6o1yk0EV8FwkxUSjzpuP2MW6w10eWw==

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ Frame 81F3 5 KB
2 KB 377ms
96ms Script
application/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: go.guardicore.com
URL: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:30 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
Last-Modified: Thu, 01 Jul 2021 05:18:58 GMT
Server: PardotServer
ETag: "14be-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1923
Expires: Wed, 05 Jul 2023 13:24:30 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 81F3 5 KB
2 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=33806
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 81F3 36 KB
14 KB 34ms
17ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 1690124483490796579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 13:24:30 GMT

GET
H2 200 hotjar-956284.js Show response
static.hotjar.com/c/ Frame 81F3 4 KB
2 KB 10ms
8ms Script
application/javascript 13.225.87.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-956284.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-62.fra2.r.cloudfront.net

Software

Resource Hash

8022e9b8ff20c746eb0f1c29881c77b72e6a190a9fa7dbef7d3106ee473e60ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:29 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 1
etag: W/f3cd1d15cc826431f6923bdb256d7d96
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
content-length: 1895
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-id: rU_JB13qPqATL-nM-r96uvKM70yU-UZaxBZDqHaxOkClRLmrhDiTsQ==

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 81F3 30 KB
9 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: 054FC761322E441E92B259349E42216A Ref B: FRAEDGE1210 Ref C: 2021-07-05T13:24:30Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 81F3 5 KB
2 KB 7ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
via: 1.1 varnish
last-modified: Fri, 02 Jul 2021 22:49:15 GMT
age: 9140
etag: "cf581d46c3059bf617cb7f732c21a59e+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1625491471.595203,VS0,VE0
x-served-by: cache-hhn11551-HHN

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 81F3 95 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/oHdkaebuMi

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: HCeCGhjSC56jUhaq33ze/wC4SyzRyZJ6gqmabjVyxU8njR1eH+WC7Nw2GzFzpDLSD4gEYHauQLLS++zLA9YWpQ==
x-frame-options: DENY
date: Mon, 05 Jul 2021 13:24:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 81F3
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491470602&url=https%3A%2F%2Fwww.guardicore.com%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491470602&url=https%3A%2F%2Fwww.guardicore.com%2F&e_ipv6=AQKta80CfUVYkQAAAXp213l3l9xc3zcBJczGjY0l_70jW16BKfDGsyIpmrnZQFGQF0LVPXEz

0
155 B

294ms
184ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491470602&url=https%3A%2F%2Fwww.guardicore.com%2F&e_ipv6=AQKta80CfUVYkQAAAXp213l3l9xc3zcBJczGjY0l_70jW16BKfDGsyIpmrnZQFGQF0LVPXEz
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:31 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: l4EKcOHnjhaQk2758CoAAA==

Redirect headers

date: Mon, 05 Jul 2021 13:24:30 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265698&time=1625491470602&url=https%3A%2F%2Fwww.guardicore.com%2F&e_ipv6=AQKta80CfUVYkQAAAXp213l3l9xc3zcBJczGjY0l_70jW16BKfDGsyIpmrnZQFGQF0LVPXEz
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 1zXiX+HnjhYwgJhp3SoAAA==

GET
H2 200 modules.6707e94afd136d068134.js Show response
script.hotjar.com/ Frame 81F3 219 KB
58 KB 7ms
7ms Script
application/javascript 13.224.193.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6707e94afd136d068134.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-38.fra2.r.cloudfront.net

Software

Resource Hash

147bbc69ada02cdca64ad72a0159564a5a2643efa09602f7f014459175d6823e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 12:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59137
access-control-allow-origin: *
last-modified: Mon, 05 Jul 2021 12:25:45 GMT
etag: "bbcd672a21d2eac288769d4e100c556a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: w0Nx31qK3oDDGxOuDjgJ0Dh3DfyHbqWvD1FiaZCzHX2cWzZaKjc0xQ==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 81F3 31 B
660 B 134ms
114ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o0jty&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.guardicore.com%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 05 Jul 2021 13:24:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 96994a546b47f67f39dfefa267a6b1bc824d71aa48c7cf6c95ec8374a958ae04
x-transaction: 8761c9dc10bd3957
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 81F3 43 B
165 B 114ms
114ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o0jty&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.guardicore.com%2F&tw_document_href=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 05 Jul 2021 13:24:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 316300f2c085cc5d29a9bda369cbcd20ed4f766085aa3f8bc45f557a3bef7183
x-transaction: 5ea392441b707ae7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 260002655494040 Show response
connect.facebook.net/signals/config/ Frame 81F3 260 KB
74 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/260002655494040?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c87e155f6dd4a48a9c96082e28afe41af493426dcfa72f2bb64a9d48d750e5e5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75545
x-xss-protection: 0
pragma: public
x-fb-debug: zKEc4Sjwmy3SMuvy4cY3g4kWKFgV+3bEVGwaJvPCY5GfEyI7rz/mUvwpIhRCAHHhgmLzUqA2JaItL81nvVIHvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 05 Jul 2021 13:24:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame 81F3 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260002655494040&ev=PageView&dl=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&rl=https%3A%2F%2Fwww.guardicore.com%2F&if=true&ts=1625491470633&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625491469524.536784650&it=1625491470607&coo=false&rqm=GET

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 05 Jul 2021 13:24:30 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 9357 2 KB
1 KB 7ms
7ms Document
text/html 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-956284.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-12.fra2.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.guardicore.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.guardicore.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: nPRlT-xTFTSwpEsnEUc4jn9LVKP3PzV1Nn_6agdWNnBoFS0qXjur7w==
age: 62447

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/ Frame 81F3 2 KB
1 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814034752/?random=1625491470713&cv=9&fst=1625491470713&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&ref=https%3A%2F%2Fwww.guardicore.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e974e19c37b11b3654efd796984f37cb1d6548dc18efe71d0e38839fffc6bd6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1017
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25022092.js Show response
bat.bing.com/p/action/ Frame 81F3 0
93 B 250ms
249ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25022092.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Jul 2021 13:24:30 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 5E1AB626AB2A4B04B97FFD7D310C655A Ref B: FRAEDGE1210 Ref C: 2021-07-05T13:24:30Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 81F3 0
94 B 36ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25022092&tm=gtm001&Ver=2&mid=da5de02d-e3c5-4eda-bffb-97b38522e26d&sid=53b9eb40dd9411eb83c18dc46dd8be7f&vid=53ba0900dd9411eb8fc98de70c856af7&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.guardicore.com%2F&r=&lt=1733&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=980054
Requested by: Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 05 Jul 2021 13:24:30 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: FB2C439DAF5C4C11B3F8302B9DBE64A8 Ref B: FRAEDGE1210 Ref C: 2021-07-05T13:24:30Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/814034752/ Frame 81F3 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814034752/?random=1625491470713&cv=9&fst=1625490000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=2&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&ref=https%3A%2F%2Fwww.guardicore.com%2F&async=1&fmt=3&is_vtc=1&random=2907398004&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/814034752/ Frame 81F3 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814034752/?random=1625491470713&cv=9&fst=1625490000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=2&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&ref=https%3A%2F%2Fwww.guardicore.com%2F&async=1&fmt=3&is_vtc=1&random=2907398004&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.guardicore.com
URL: https://www.guardicore.com/labs/smb-worm-indexsinas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ Frame 81F3 3 KB
3 KB 208ms
208ms Script
text/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=427873014&visitor_id_sign=554ffdde6da78c89ce9862794705e27b148c38d19b349650a56429c63fddd3d8504f4a208589304e8e88a1f47ed9740eacc29532&pi_opt_in=&campaign_id=48793&account_id=504441&title=&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&referrer=https%3A%2F%2Fwww.guardicore.com%2F

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-3-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

9cd2692027789757f2b1868176e63fed7cf61ef9ee49f59f5890b1c41ad0156e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jul 2021 13:24:31 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp: 16/23/149
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 1450
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 items.get Show response
whimsical.com/api/ Frame 67B9 906 B
1 KB 391ms
391ms XHR
application/transit+json 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/api/items.get
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: /
Resource Hash: 4b44d35a36bd7d65aa676b68fd395ac3270f29037418c6c818ce2eb5dd0ea78d

Request headers

Authorization: Bearer 7qwO9dNVr0U2jWS+ZAkEK7ytHdt9wQHM
Content-Type: application/transit+json
Accept: application/transit+json
Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
W-Version: 20
W-App-Version: 9f3de62bfc5381cb74877d47223dce3c60c23455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
W-Session-Id: 24accaca-853a-4631-9893-dbb12dce9ab8

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:31 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/transit+json
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-amz-cf-id: _xrM97exV2J_srwrAngmdDZWEyJSZLaOIHd3bOWFciAyBM8q5414cA==
expires: 0

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
468 B 408ms
104ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lmMV%2FfHu1eJUpDN8%2BSZqKJFE5lenHMzcjBm4%2Bb5gycoJyXGi%2FEmWcn6%2FZfcnfypO721GzZqbBlO%2BN86o%2FJYb4I%2FB5k%2Ff8N0reradGGzL23fjItQ3yyv6WIPUuwAoNhXn2r33PqD9e92TCSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea004fe1d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
158 B 116ms
115ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o0jty&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 05 Jul 2021 13:24:31 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 96994a546b47f67f39dfefa267a6b1bc824d71aa48c7cf6c95ec8374a958ae04
x-transaction: 87ba9bb033943b37
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.0 200
OK analytics Show response
go.guardicore.com/ Frame 81F3 50 B
1 KB 191ms
191ms Script
text/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.guardicore.com/analytics?conly=true&pi_form=true&visitor_id=427873014&visitor_id_sign=554ffdde6da78c89ce9862794705e27b148c38d19b349650a56429c63fddd3d8504f4a208589304e8e88a1f47ed9740eacc29532&pi_opt_in=&campaign_id=48793&account_id=504441&title=&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&referrer=https%3A%2F%2Fwww.guardicore.com%2F
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=427873014&visitor_id_sign=554ffdde6da78c89ce9862794705e27b148c38d19b349650a56429c63fddd3d8504f4a208589304e8e88a1f47ed9740eacc29532&pi_opt_in=&campaign_id=48793&account_id=504441&title=&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&referrer=https%3A%2F%2Fwww.guardicore.com%2F
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Referer: https://go.guardicore.com/l/503441/2019-11-13/29ntk8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jul 2021 13:24:31 GMT
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp: 16/10/135
Vary: User-Agent
P3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 embed_shepherd-v1.js Show response
fast.wistia.com/static/ Frame 81F3 571 KB
104 KB 23ms
6ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/static/embed_shepherd-v1.js

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=427873014&visitor_id_sign=554ffdde6da78c89ce9862794705e27b148c38d19b349650a56429c63fddd3d8504f4a208589304e8e88a1f47ed9740eacc29532&pi_opt_in=&campaign_id=48793&account_id=504441&title=&url=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&referrer=https%3A%2F%2Fwww.guardicore.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a3f2c1ed3b6c5c8668af3066dc10e5aca023ab0b63c05be2cd42241f18dd9572

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 1206
x-cache: HIT, HIT
content-length: 106109
x-served-by: cache-dca17763-DCA, cache-hhn4051-HHN
access-control-allow-origin: *
x-browser-version: 89
last-modified: Thu, 01 Jul 2021 15:01:32 GMT
x-timer: S1625491471.189449,VS0,VE0
etag: "60ddd8cc-19e7d"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 62

POST
H2 200 items.scroll Show response
whimsical.com/api/ Frame 67B9 163 KB
23 KB 477ms
476ms XHR
application/transit+json 13.225.87.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whimsical.com/api/items.scroll
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-2.fra2.r.cloudfront.net
Software: /
Resource Hash: 2789f68163f600c0f7e91f859ca0ef98100786ae15e98839448713e3941d0bca

Request headers

Authorization: Bearer 7qwO9dNVr0U2jWS+ZAkEK7ytHdt9wQHM
Content-Type: application/transit+json
Accept: application/transit+json
Referer: https://whimsical.com/embed/JB41vmcC4ixUuR5dsrXKpe
W-Version: 20
W-App-Version: 9f3de62bfc5381cb74877d47223dce3c60c23455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
W-Session-Id: 24accaca-853a-4631-9893-dbb12dce9ab8

Response headers

pragma: no-cache
date: Mon, 05 Jul 2021 13:24:31 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/transit+json
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-amz-cf-id: gpP4Zt4q3i25T1RU-GMGpa8-1UPou4so10yIojZ8pKqpEpWLZL6s9g==
expires: 0

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
435 B 412ms
111ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4J9iA1x8vLhJBucUuls9GiuVNjSDmMQhyt86XalzmNJDT83IpKXYB96iuU4MRgyV1uuDF6cwkEgiT%2B2UEWANcQ8ppKLPDbubAnxHPusnTDYeP4JUu6x7z%2FnPHKgfA6EtttD0eTmFE2DFYeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea02cdafd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 192ms
191ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=64bb1002e85500000d08e36034010000558e0200&session=ecb8e518-7949-40db-8126-f5c267ae41df&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A30%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222143%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:31 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 81F3 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260002655494040&ev=Microdata&dl=https%3A%2F%2Fgo.guardicore.com%2Fl%2F503441%2F2019-11-13%2F29ntk8&rl=https%3A%2F%2Fwww.guardicore.com%2F&if=true&ts=1625491472140&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1625491472139.1435470858&it=1625491470607&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 13:24:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 05 Jul 2021 13:24:32 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
813 B 419ms
119ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XyVKKfeSeTV9VLBWGSG7IBSMnWjdcAgHTtZ9%2BI942HRKPGM7oTPBuRAiEddlqGKsP31RcWzfJBaI9pK6d7KMEFBha099eAuivGVn8HLGBEcbI2zIgCkAVHZz8OYVmOsC%2Ftp%2FRDK0rmDhKeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea090a5bd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 181ms
181ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=d3787b55-6cfd-47fc-840c-c6892d8b8cbd&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A31%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223144%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:32 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
461 B 141ms
141ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:33 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=atrf6DjlU0%2BnnVVf5jQgxPqYHVvNKwexwz6CNt7qN5%2Bz%2BiAAqSWFwvjUXg2a1nH5r6qKImKoqsK819W1%2BDVXc19EoEXKsu5Bo0B9rinGcsfXZz8y28zzkVXfHroLIEsEq96bRvcCbGyUzb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea0d6bf3d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 184ms
184ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=d3787b55-6cfd-47fc-840c-c6892d8b8cbd&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A32%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224146%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:33 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
467 B 275ms
275ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ll1m%2FHNpwhzSe4McPzVoqTKn%2F1BgJXRkLtvQK2M8%2FfjwGPEWI%2B2F%2BR%2B4QCQ8zTGWp6WLgwcDrwpa9TxmgxUS1yM9bWR53bKc5EuxSSJuVp9X63q3%2FDY5YGHlNPGQjGUDFiorzUzjt5aapMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea13a9d0d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 178ms
178ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=20d32172-4df6-42ab-8979-27c855d157db&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A34%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A33%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225146%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
462 B 448ms
147ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:35 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tEtAqfK%2BrJ9%2BMry28uxD4EH9T62Z3oflOTeNxoWQ5YZHTac25vUB7Yo6eeMSh%2F5QF0Z7n61n0D3RqPeyd6S2%2F%2FU8cAAVOOivEO4UNiIsLuBG8imrdcD8qyqe%2FcTddtjyoqlB4x9kSCci0ZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea1beabcd729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 190ms
180ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=20d32172-4df6-42ab-8979-27c855d157db&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A34%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%226148%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:35 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
459 B 437ms
136ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:36 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4pVBMYbuSwMTnLjYiMFqI1I0EwHDOi6%2FPf3rgN%2BJnnIJovjhoapraJp0mhr8rCrYKEmqGXqimG5TJ7Dj4tlze%2FmOiZ2WalfKa1gRA8%2FgC8z6z4GYRraX6irtLYqFb1erNL1Dc8cl7y3pqj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea221822d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 179ms
178ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=20d32172-4df6-42ab-8979-27c855d157db&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A35%20GMT%22%2C%22timeSpent%22%3A%221013%22%2C%22totalTimeSpent%22%3A%227161%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:36 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
459 B 543ms
242ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G5oAXPnpE9NjfBbgcWSbHLm6iC9KXBmi9BxOTsHmWyQIgG2MMP%2BvZfFHNrW6t1kjlDD1nNCzWHC%2BbOPM59N7mSPoioGiLIcLprQaAc6ItpHsMll72BIASzVTzoes07lNVN5uZJnLUVkjgmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea286b7ed729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 179ms
178ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=c125a180-0eab-4a52-850d-f17b35193461&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A36%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%228162%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:37 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
440 B 107ms
107ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wizjk9Ijx408Sl5QX%2B55FSv3aaTu9KhK6bccPR4d44%2BT7cE52o7kx1eBiQSkHN8urLMX7wDdY3QgJHJoYyrWLpDs535ZhBmr5UCJm9MRSZaWmew%2Bb72gmOJhxaNqz%2BDfjQLVlLXQGezbF%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea2ccb5ed729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 178ms
178ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=52558972-6e16-4aa8-8611-4ab02e9c45e0&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A37%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%229163%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:38 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
465 B 116ms
116ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=75nrQGCAnKGKNgDh6VyIY03HALouNuu%2BeH1LecjcHteXj9DixEk%2BpwYwf6krAQz%2F3dpKMthg6ypoN%2B%2BxFir8Vcx3GdXHsFmGyE42TKj%2BHJzM0nr7MymTlsrzknZguIGQrzBQYOABfXXlh4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea330ff8d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 185ms
184ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=52558972-6e16-4aa8-8611-4ab02e9c45e0&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A38%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%2210165%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:39 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 402 3
gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/ 157 B
810 B 109ms
109ms Other
application/csp-report 2606:4700:e0::ac40:6527
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.rapidsec.net/g/r/csp/69e8dd9c-ba91-4ae8-943c-e8abcfe8ec4f/0/0/3?sct=59f8d87f-31ba-460d-b9e9-f8ec4647baff&dpos=report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Jul 2021 13:24:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lCOFIvlDSsPzsmiWEymxmST1tpouq8Vpdng693NfGPd8T9vNXMnAGwvxab7fYAvncScjkZHImUo5%2Fc8A9Z6NpCwLtsF%2Bl1TkzgjJnethpziFGannPYJcsltGSd2aHQ3kUd7xtDR2pY5J1VQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/csp-report
access-control-allow-origin: https://www.guardicore.com
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66a0ea45cd57d729-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 180ms
180ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0d8c67340d4aad8b32bfb9bcc7aa4ded&svisitor=null&session=d85e6bc4-c094-4479-82b3-edc1dd8036c1&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Jul%202021%2013%3A24%3A39%20GMT%22%2C%22timeSpent%22%3A%223001%22%2C%22totalTimeSpent%22%3A%2213166%22%7D&isIframe=false&m=%7B%22description%22%3A%22Guardicore%20Labs%20reveals%20more%20details%20on%20the%20Indexsinas%20(NSABuffMiner)%20SMB%20worm.%20The%20campaign%20has%20been%20active%20since%20at%20least%202019%20and%20has%20managed%20to%20infect%20servers%20from%20a%20wide%20range%20of%20industries%2C%20including%20healthcare%2C%20hospitality%2C%20telecommunications%20and%20education.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SMB%20Worm%20%E2%80%9CIndexsinas%E2%80%9D%20Uses%20Lateral%20Movement%20to%20Infect%20Whole%20Networks%20-%20Guardicore%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.guardicore.com%2Flabs%2Fsmb-worm-indexsinas%2F&pageViewId=c835c88f-c833-42d4-8c60-b755a02569d3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guardicore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 13:24:42 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.guardicore.com/	1970-01-20 05:29:07	Name: visitor_id503441-hash Value: 554ffdde6da78c89ce9862794705e27b148c38d19b349650a56429c63fddd3d8504f4a208589304e8e88a1f47ed9740eacc29532
go.guardicore.com/	1970-01-20 05:29:07	Name: visitor_id503441 Value: 427873014
.guardicore.com/	1970-01-20 04:53:07	Name: _uetvid Value: 53ba0900dd9411eb8fc98de70c856af7
.guardicore.com/	1970-01-19 19:31:31	Name: _dc_gtm_UA-53878132-1 Value: 1
.guardicore.com/	1970-01-19 19:31:33	Name: _hjFirstSeen Value: 1
www.guardicore.com/	1970-01-20 13:02:43	Name: _gd_svisitor Value: 64bb1002e85500000d08e36034010000558e0200
.guardicore.com/	1970-01-20 04:17:07	Name: _hjid Value: 64332ad8-3d35-4107-8eab-e5403443021d
.guardicore.com/	1970-01-19 19:32:57	Name: _uetsid Value: 53b9eb40dd9411eb83c18dc46dd8be7f
www.guardicore.com/	1970-01-19 19:31:45	Name: _gd_session Value: ecb8e518-7949-40db-8126-f5c267ae41df
.guardicore.com/	1970-01-19 21:41:07	Name: _gcl_au Value: 1.1.1323617008.1625491469
.guardicore.com/	1970-01-19 21:41:07	Name: _fbp Value: fb.1.1625491469524.536784650
.guardicore.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.guardicore.com/	1970-01-19 19:32:57	Name: _gid Value: GA1.2.1278960002.1625491469
.guardicore.com/	1970-01-19 19:31:31	Name: _gat_gtag_UA_53878132_1 Value: 1
.guardicore.com/	1970-01-20 13:02:43	Name: _ga Value: GA1.2.1892901077.1625491469
www.guardicore.com/	1970-01-20 13:02:43	Name: _gd_visitor Value: d86e3db8-891b-46e5-868e-adc1df722497

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.guardicore.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at _default.get (https://www.guardicore.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5:2:56236) at _default.setViewsAndSessions (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1:2:89347) at new _default (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1:2:89098) at Function.<anonymous> (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1:2:5491) at Function.each (https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:3026) at ElementorProFrontend.initModules (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1:2:5456) at ElementorProFrontend.onElementorFrontendInit (https://www.guardicore.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1:2:5712) at dispatch (https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:43090) at v.handle (https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:41074) at Object.trigger (https://www.guardicore.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:71513) undefined
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error storing in localStorage: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error getting from localStorage: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error storing in localStorage: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error storing in localStorage: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js(Line 1) Message: Error storing in localStorage: TypeError: Cannot read property 'setItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
b.6sc.co
bat.bing.com
beacon-v2.helpscout.net
buff.ly
c.6sc.co
cdnjs.cloudflare.com
connect.facebook.net
fast.fonts.net
fast.wistia.com
fonts.googleapis.com
gate.rapidsec.net
go.guardicore.com
googleads.g.doubleclick.net
j.6sc.co
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.w.org
script.hotjar.com
secure.gravatar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
track.gaconnector.com
vars.hotjar.com
whimsical.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.guardicore.com
www.linkedin.com
104.111.233.140
104.244.42.197
104.244.42.3
108.174.10.14
13.224.193.12
13.224.193.38
13.224.193.49
13.225.87.2
13.225.87.62
142.250.185.194
192.0.77.48
199.232.136.157
2606:4700::6810:125e
2606:4700::6811:e14e
2606:4700:e0::ac40:6527
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9b
2a00:1450:400c:c08::9c
2a02:26f0:6c00:2b0::25ea
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:1b::622
2a04:fa87:fffe::c000:4902
34.197.34.29
35.174.150.168
35.235.124.140
67.199.248.12
0018646720dd7fb919bd39bba73942b95a725590f3eca1dde849e088028b2b90
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99
0621ccf15f4c0c81dfc958917e75a6ab9a6fbcdeef4d4cf2b034c4132d1ac929
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0be0dff23b790d714b6b7cc266fb5130a6260930ce52cfbc3e5b8f1c6cb45a5a
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0cdce53dc078014ad2af66256afb166fddb4db77945fa4113ad3007459e3aa06
0f5e95fc50f76666b87f3662e462236b80049d5e111bb083c409791e5d65101e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1396662705b0c8e4aece9ae751982e526b27e9e1271276d3bc02168d3491361e
13cbc75f4ec4fe7e354dff7e326e148da49f8a71b9bccd3f17605eba779a3f0d
147bbc69ada02cdca64ad72a0159564a5a2643efa09602f7f014459175d6823e
148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64
17f076500dca787c42b1dd6238ce50a0752771eafd040e8512c713a7ec947c65
19fb1c3c4a52d399f2b32a80c3fa35d97dde81f33e20bb7da6d95d4087c49ed6
1a74087f01c6bf2309a2f5d7ddb8c2309f5fac988dccd6a72e283ef5eb70a347
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd
1c6e8d172c625037f0bef75c2efd2932f818236edd250baab7ab9c045a038886
1c8231e24838de4ad2d966d5cb48563a2a6e540a15848d337fa3c466d0730775
1e5aeaa58ab4c2345953f77e07fbc20578326076a259ed702eea64e077fde675
205e4853afd7ec80018e17064a0f71965ff0007e19babf0b88b0625843ea8e6b
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2253d28cf7e038400244b19b4fe87d90240a0388e16f0a145deeff4eaf47b14a
23711380d4aa9cb1d400ed80287482643d79b55ec2398da742d9804b8a12f216
238665a4e9c6f3e6fd4c936f560856580b5f30d2aaf8e508d07a2f56a0516fc1
23ad59d8614ad388eb5341dd0b4db738694d4eb9d18ddf4bd057e18f665c0f1a
2789f68163f600c0f7e91f859ca0ef98100786ae15e98839448713e3941d0bca
288960b7f569d9400fcee66853782b5c32613018935c0571e411237ba32b861f
28aa95a989d5e46ee060bb0d443fcd699d31db7320673379fad857f77fc776a8
29324a862ffba034fcc79da865e521ad3cb4bdfaf4acec27fd0c3d917fd960da
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
32724c08701fcb0bb65c489c06718dca25268bc15b53bf0df19f89fbf8dd2676
338de273f529e717971d06587c95a880c0c4240b0cd24e79e14ac07a9522cd1d
37533822750ebd172bd73e5d8df4e9bd685d75b770d0af06f03e1bbbe9b3ae5c
3a911565c50d12c7eddff1a62d2a410dbf4199e642d74628966126a9d9faaaec
3b1ae6cec7f06d999f0695e08022868275f74821104092579bc1a848db0f34de
3bb51227d2ff534e4834ff3137f722a77dc2a8a9c6f1fda503116c0d7f9f7b47
3c905981a0c3eb45cb3aa610f847bc3fc70a126acff5fc79c9d4d78dea3ee7ce
3e10b7ee8ea3952cb3da15f41abe49fb69db8a01cc191179591c4c250d3d3391
3f9c38934fc41ee2a85f1a6e1ad59e96f7f1e73b9b4e653394708715d5ab32c5
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
4309fe7b036687b04b69f76218298f708159f674dad07c0581099035f5ca8050
4604fb3649c76594567706713285dd8be0c3538a2c3b0edfd49d74c9f5147972
47ae8f0c316caf1b0820b3fc47281e73ee11896b90cd172022965474bb5eaa21
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4aecb207b56cac3dfc7a264fdf05de9a1322885f1daa182167eab999570e384a
4b44d35a36bd7d65aa676b68fd395ac3270f29037418c6c818ce2eb5dd0ea78d
4b8b06e8edfab1dd4475c13ee021e4f582b075677a9018e2f0ba56cc3fc2f0b6
4b9a7bdede208dc634debc53edee3ab4c7412e97063bd350c4726fb7625b532f
52adbaf8b7004e3e0ef2b06be5492748eeef0bdfbc2d91b4aa3aa7ddd7028703
552816c0181f22f4dc11728b99d077587e09299d57ecc9539a95233ba59d2b51
55d372262d6c1aca75034d99cb49419689270ff74765adf77ed15ded9ece52fe
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960
5ddb2729aaae248b99bc553da916346ac6a8d144b7b1afde0ddcdf0eeda1589c
5e13437dee929c20638ff3b3be2c584b73ecdf3188cdaa5215a498b855240789
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d
641f4e0a0380efe7b30ff0cd45dc2d02edeeb1988f3a96fddee0eca86d288164
661ecc75f2bc78cea2b6407201598bcac2c92c852aa77131c55254557c68e53c
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7
6b52123640de6d13a94ebf0b28b2621535de362b536e775e84ac17362153293d
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6d351cb9b4cba836f7ab1512f309a479009964a4c5a56a0a5ae2695bb7b76ca6
6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589
6e26b189979d8e8a3130d629c20a29b827d9efb6d74061f962c5584c600263bd
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
6f497512d1947b96e7f727d8bc1f357add3d996085532b6b809fd1f46a5926fb
6fdfb97b7fe44ab4013707e8e7aae1f88da2fb7ad090a460b1be6130d937724a
71008cf308a9bb2a3a3ddaa973f816c0d3a11db5cc9e7bdd5498089423019b3e
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
72331d11d428c3ee2a07f27f50de5d46ee2dfed73a188788110271edce7972ff
730865a3662dc048745e9d47ba1204827d6de6602367aeedaf425c49c1827cc4
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
744d368a676dabf6be331840fdf74176a9ad7a784bf3920e3f640c9ed89fc43c
785c1179e9138a30fccbcd502d81ad2920049a12fd3d83fae433052e9be4c62f
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
8022e9b8ff20c746eb0f1c29881c77b72e6a190a9fa7dbef7d3106ee473e60ea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87a4d24f8fb09eae43f4e07568e22c9f714ad5a86296516dd3721d7328922d71
88453621e7720bf12afcf1abb01eec2dfd56cc8de16ed8b85937e90a1b1fc9b2
88c7b96dcdb3c0c4d52f8dcfdc11b012497f5f4d2c31bcdd9ac429050d60c4a1
897ebbdf379aeb2c751275f083d298f15b094902c6bd6a66405ffb0604c64124
8ceba365f48b90d9f44b80d2323be5ed8cb3d6bc9a8601c2b555523aa84f8878
916ab7aaacbc74895f204db9d9566e94a3cae718e01df6c3d8cc1e4c7e41426d
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
92c8a3c1c84ff1c97503a7a63b3ff3a6d44af33b9d55f8cd278ee3dfe40e0565
970fb3515835fc779193ba0f88531ff29972b3c9cd76aba2fb1222fb97beeab6
9cd2692027789757f2b1868176e63fed7cf61ef9ee49f59f5890b1c41ad0156e
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
a3f2c1ed3b6c5c8668af3066dc10e5aca023ab0b63c05be2cd42241f18dd9572
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a5be724742b18d242a2532bded133564f8d8327b2ff622c4073f8a213cc67b16
a69c0037019e6c8cec8652c2988389ce96a23dc737425822309d7e8eb9a17341
aa4b003bb85142c7ff8d4fa84ba07f5a8c070cd2a504af3d406731884bd44fec
ab93e62292fdfe62091f56da4dc29d0be525f23d098219d92d164bcd41b426ac
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af71cb6decf2066c163b45f4b8b5283f9fa4043a5de26bcea4b11597afa4e090
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b5641645c15c48b3ff5ce52e718563e1d04d18492e552eb126862768327e2855
b763b49b4a8f7afccef98cc8a40f450a31d6c69150d30acb3438d81331222d41
b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820
ba4dd4b5f97a58ad068d743dfdf7865ba3d7e4bff24379ca93ca634008c90a3e
baa8cb02e0fce843c48ebfb75a646e4f84364e54a62fc308f1d112d98896e32b
be28a35c24df4d07890eb60a8dc916d76b648a012b33439a11df136d5b6bb3f6
c2a282dd6dac10a3fbf469b4e67f489608777854e6d157bf11233dfbaa16851e
c4a56c561bd003b2bfa260025204e2d68174e30f78a7d17556f892f1844c43f3
c87e155f6dd4a48a9c96082e28afe41af493426dcfa72f2bb64a9d48d750e5e5
c9583ce91f61e5d79c64e30b548bf546eb76a2b9f04a4f21831d8033dc275acc
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
cb141079dc8a7d193c67b7cbc71e283ecded63f65db850b61f8652341a92c77e
cda985523c372cef46674a191a25e985efb7639934d701b2f50f341a7326dfa7
ce04afdc3d195c9c5b1f7ab1a0c639f027a366ea68f673666b0b0add1d376dae
ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919
ceaa8c47e55f50794d42966a696f0f35149ffd1560c46eecbca911d6b48d9371
cf6787a72f1d1013b60c768f8e6db80fd19249cdea059b86253980177ee1a0c9
d4cfd8082109b47b94a9af2888657a68860315ad99736d4c9b0c49fb0152b68b
d5c3c62c85d8821b972073ed49d7ede0cfac1a7d45d10781c23dae935ae69f49
d882dbd828af87ed3434862bf608a2dee6d347817ae547421c9b2051ce29a905
d8e1bb6afaee4a9709470e6bc6712a4288aab63eff4a430e75935d0095648bb6
d933f8f840eef52daff68a857d0fcb1ad642c4a199745aba857db18b6431c977
da1b60970149580c709bbc357622d24e7029d658e852e74ef1d861ffb22ad219
dc0b32d7b2d078ebd0390050a25e4a9bcf32f1af1f2f6fa1555170c28d07fb84
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd1617feba063690e3bf1621308e1af67c6cabcdb2602e5a1df3a14b02b94d05
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1549773d59ab2805e4db4ea0475b33a0e0295702d0f15c12107fc60e2caa99a
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e974e19c37b11b3654efd796984f37cb1d6548dc18efe71d0e38839fffc6bd6c
ea33b0ef01fbc24a9f2a3f6c858425fe2a19712e029eae43641ac3bfbc59c0e3
ea8db732b0c05833c674be800e81bf8dc72919a00feafde206c1f6001d1c6bcf
eb43b657e2bb320b9ef4581e4c7167c3f93a1a19b00fea14f4395deff2d82fa7
ee3bf73c6c9ad57355c0ea3d028c8578295c733d1386e9a884f12ee3fa87f0c2
ee63601efc0a127a6eadcd9062a0e1622fcb1c705ab8b6499519148f8474fc39
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5778f747401ce5abeaa4accff79fa721b062dd375572c06e185e9f49130746
f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32
f3a7ddd6363de195ad182e5e26cdc0addd8ad09e6deba53fcd22831f9cb28803
f641a694d9ed21d05acc0245f2e17d0d249313485e1cbc53587eec1d129f02ca
f6ea484d6d98cf40416aa534105ecefa98b468463f86f63321d4ff473f266ebe
f770bc714b92d45af98259cc48f5b8033e6993147da9c35b70e7b845d379df25
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
fb2f94d7ac787b539fe4f82203f813ff614d7434cca5c2ccb5fa12ae01aa1174
fb61a62c56ef2a0d94bfa23bee794c03e807a36b0bd32b09deb5f35b80269eac
fdab6db4a2db88cc9799961049391621ff500a38e34763b8f7369062b5e48cbf
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fe5f91e8750420e8c460358e4ddf588f781c252c2426741e59132f238d6e6203
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.guardicore.com Open in urlscan Pro 35.235.124.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

252 Requests

100 %HTTPS

57 %IPv6

29 Domains

37 Subdomains

34 IPs

4 Countries

4927 kBTransfer

15608 kBSize

16 Cookies

15 Outgoing links

Page URL History

Redirected requests

252 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.guardicore.com Open in urlscan Pro
35.235.124.140 Public Scan

Screenshot
Live screenshot

Full Image

252
Requests

100 %
HTTPS

57 %
IPv6

29
Domains

37
Subdomains

34
IPs

4
Countries

4927 kB
Transfer

15608 kB
Size

16
Cookies

252 HTTP transactions
0 data transactions