www.welivesecurity.com
Open in
urlscan Pro
2a02:26f0:2780:6::214:f586
Public Scan
URL:
https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/
Submission: On November 27 via api from IN — Scanned from NL
Submission: On November 27 via api from IN — Scanned from NL
Summary
This website contacted 10 IPs
in 3 countries
across 7 domains to perform 58 HTTP transactions.
The main IP is 2a02:26f0:2780:6::214:f586, located in
Netherlands and
belongs to AKAMAI-ASN1 Akamai International B.V., NL.
The main domain is www.welivesecurity.com.
The Cisco Umbrella rank of the primary domain is 449554.
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 19th 2024. Valid for: a year.
This is the only time www.welivesecurity.com was scanned on urlscan.io!
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 19th 2024. Valid for: a year.
This is the only time www.welivesecurity.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 20 | 2a02:26f0:278... 2a02:26f0:2780:6::214:f586 | 20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.) | |
| 25 | 2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
| 1 | 199.232.192.134 199.232.192.134 | 54113 (FASTLY) (FASTLY) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:830::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 151.101.0.134 151.101.0.134 | 54113 (FASTLY) (FASTLY) | |
| 2 | 199.232.196.134 199.232.196.134 | 54113 (FASTLY) (FASTLY) | |
| 2 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2600:9000:205... 2600:9000:2057:4400:6:8656:f5c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 58 | 10 |
20
2a02:26f0:2780:6::214:f586
(Netherlands)
ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
| www.welivesecurity.com |
25
2606:2800:233:1cb7:261b:1f9c:2074:3c
(United States)
ASN15133 (EDGECAST, US)
ASN15133 (EDGECAST, US)
| web-assets.esetstatic.com |
2
2a00:1450:4001:830::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 27 |
esetstatic.com
web-assets.esetstatic.com cdn.esetstatic.com — Cisco Umbrella Rank: 763108 |
2 MB |
| 20 |
welivesecurity.com
www.welivesecurity.com — Cisco Umbrella Rank: 449554 |
2 MB |
| 4 |
disqus.com
welivesecurity.disqus.com disqus.com — Cisco Umbrella Rank: 1315 referrer.disqus.com — Cisco Umbrella Rank: 9536 |
27 KB |
| 2 |
disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 6938 |
839 B |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
239 KB |
| 1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353 |
|
| 0 |
go-mpulse.net
Failed
s.go-mpulse.net Failed |
|
| 58 | 7 |
| Domain | Requested by | |
|---|---|---|
| 25 | web-assets.esetstatic.com |
www.welivesecurity.com
|
| 20 | www.welivesecurity.com |
www.welivesecurity.com
|
| 2 | c.disquscdn.com |
welivesecurity.disqus.com
|
| 2 | cdn.esetstatic.com |
www.googletagmanager.com
|
| 2 | referrer.disqus.com |
www.welivesecurity.com
|
| 2 | www.googletagmanager.com |
www.welivesecurity.com
www.googletagmanager.com |
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | disqus.com |
welivesecurity.disqus.com
|
| 1 | welivesecurity.disqus.com |
www.welivesecurity.com
|
| 0 | s.go-mpulse.net Failed |
www.welivesecurity.com
|
| 58 | 10 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.welivesecurity.com Thawte TLS RSA CA G1 |
2024-01-19 - 2025-01-18 |
a year | crt.sh |
| web-assets.esetstatic.com Thawte TLS RSA CA G1 |
2024-05-22 - 2025-05-21 |
a year | crt.sh |
| *.disqus.com Sectigo RSA Domain Validation Secure Server CA |
2024-04-16 - 2025-04-16 |
a year | crt.sh |
| *.google-analytics.com WR2 |
2024-10-21 - 2025-01-13 |
3 months | crt.sh |
| cdn.esetstatic.com Thawte TLS RSA CA G1 |
2024-10-22 - 2025-10-21 |
a year | crt.sh |
| a.disquscdn.com Amazon RSA 2048 M02 |
2024-07-30 - 2025-08-27 |
a year | crt.sh |
This page contains 7 frames:
Primary Page:
https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/
Frame ID: E6B4F9DB86B82366C9D9705519F72B1B
Requests: 55 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B
Frame ID: 6FE7328FE0739D42DC1D3C1836F36E36
Requests: 1 HTTP requests in this frame
Frame:
https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=RomCom%20exploits%20Firefox%20and%20Windows%20zero%20days%20in%20the%20wild&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fromcom-exploits-firefox-and-windows-zero-days-in-the-wild%2F&t_e=30935&t_d=RomCom%20exploits%20Firefox%20and%20Windows%20zero%20days%20in%20the%20wild&t_t=30935&s_o=default&l=en
Frame ID: 153BA1EEF31EF15B52EA366177868D26
Requests: 1 HTTP requests in this frame
Frame:
data://truncated
Frame ID: F89004F9ED26340CDFF99B4A4F65700A
Requests: 3 HTTP requests in this frame
Frame:
data://truncated
Frame ID: 5E225479AD20C0FB4A421C94AB109F32
Requests: 3 HTTP requests in this frame
Frame:
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: E63002D77D604055B39460D8C0618F68
Requests: 1 HTTP requests in this frame
Frame:
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 0AF37F602907C45F74FA1046A7D40B97
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
RomCom exploits Firefox and Windows zero days in the wildDetected technologies
Vue.js
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
79 Outgoing links
These are links going to different origins than the main page.
URL: https://nvd.nist.gov/vuln/detail/CVE-2023-36884
Title: CVE-2023-36884
Title: CVE-2023-36884
Search URL Search Domain Scan URL
URL: https://www.microsoft.com/en-us/security/blog/2023/07/11/storm-0978-attacks-reveal-financial-and-espionage-motives/
Title: June 2023
Title: June 2023
Search URL Search Domain Scan URL
URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9680
Title: CVE-2024-9680
Title: CVE-2024-9680
Search URL Search Domain Scan URL
URL: https://nvd.nist.gov/vuln/detail/CVE-2024-49039
Title: CVE-2024-49039
Title: CVE-2024-49039
Search URL Search Domain Scan URL
URL: https://firefox-source-docs.mozilla.org/dom/ipc/process_model.html#content-process
Title: content process
Title: content process
Search URL Search Domain Scan URL
URL: https://github.com/monoxgas/sRDI/blob/master/ShellcodeRDI/ShellcodeRDI.c
Title: Shellcode Reflective DLL Injection
Title: Shellcode Reflective DLL Injection
Search URL Search Domain Scan URL
URL: https://cwe.mitre.org/data/definitions/416.html
Title: use-after-free
Title: use-after-free
Search URL Search Domain Scan URL
URL: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe
Title: iframe
Title: iframe
Search URL Search Domain Scan URL
URL: https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
Title: Security Advisory 2024-51
Title: Security Advisory 2024-51
Search URL Search Domain Scan URL
URL: https://blog.torproject.org/new-release-tor-browser-1357/
Title: release 13.5.7
Title: release 13.5.7
Search URL Search Domain Scan URL
URL: https://blog.torproject.org/new-release-tails-6-8-1/
Title: release 6.8.1
Title: release 6.8.1
Search URL Search Domain Scan URL
URL: https://www.mozilla.org/en-US/security/advisories/mfsa2024-52/
Title: Security Advisory 2024-52
Title: Security Advisory 2024-52
Search URL Search Domain Scan URL
URL: https://dimitrifourny.github.io/2024/11/14/firefox-animation-cve-2024-9680.html
Title: detailed analysis
Title: detailed analysis
Search URL Search Domain Scan URL
URL: https://www.w3schools.com/js/js_object_accessors.asp
Title: getter
Title: getter
Search URL Search Domain Scan URL
URL: https://en.wikipedia.org/wiki/Heap_spraying
Title: heap spraying
Title: heap spraying
Search URL Search Domain Scan URL
URL: https://developer.mozilla.org/en-US/docs/Web/API/Animation
Title: Animation
Title: Animation
Search URL Search Domain Scan URL
URL: https://developer.mozilla.org/en-US/docs/Web/API/AnimationTimeline
Title: AnimationTimeline
Title: AnimationTimeline
Search URL Search Domain Scan URL
URL: https://developer.mozilla.org/en-US/docs/Web/API/Animation/ready#value
Title: ready
Title: ready
Search URL Search Domain Scan URL
URL: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise
Title: Promise
Title: Promise
Search URL Search Domain Scan URL
URL: https://en.wikipedia.org/wiki/Heap_feng_shui
Title: heap feng shui
Title: heap feng shui
Search URL Search Domain Scan URL
URL: https://hg.mozilla.org/releases/mozilla-release/file/51b5f898b64a5839a0714c3251ccb6dc6131aa17/dom/animation/AnimationTimeline.cpp#l40
Title: Tick
Title: Tick
Search URL Search Domain Scan URL
URL: https://hg.mozilla.org/releases/mozilla-release/file/51b5f898b64a5839a0714c3251ccb6dc6131aa17/dom/animation/Animation.cpp#l931
Title: Tick
Title: Tick
Search URL Search Domain Scan URL
URL: https://developer.mozilla.org/en-US/docs/Web/API/ImageData
Title: ImageData
Title: ImageData
Search URL Search Domain Scan URL
URL: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer
Title: ArrayBuffer
Title: ArrayBuffer
Search URL Search Domain Scan URL
URL: https://www.sentinelone.com/labs/firefox-jit-use-after-frees-exploiting-cve-2020-26950/#addofp
Title: blogpost
Title: blogpost
Search URL Search Domain Scan URL
URL: https://udn.realityripple.com/docs/Mozilla/Tech/XPCOM/Reference/Glue_classes/nsRefPtr
Title: RefPtr
Title: RefPtr
Search URL Search Domain Scan URL
URL: https://hg.mozilla.org/mozilla-central/rev/0ee07613d050
Title: diff
Title: diff
Search URL Search Domain Scan URL
URL: https://github.com/monoxgas/sRDI/blob/master/Native/Loader.cpp#L367
Title: https://github.com/monoxgas/sRDI/blob/master/Native/Loader.cpp#L367
Title: https://github.com/monoxgas/sRDI/blob/master/Native/Loader.cpp#L367
Search URL Search Domain Scan URL
URL: https://support.microsoft.com/en-us/topic/november-12-2024-kb5046612-os-build-14393-7515-b1748400-ba4a-444b-9051-96e3b41d8c5d
Title: KB5046612
Title: KB5046612
Search URL Search Domain Scan URL
URL: https://learn.microsoft.com/en-us/windows/win32/api/rpcndr/nf-rpcndr-ndrclientcall2
Title: NdrClientCall2
Title: NdrClientCall2
Search URL Search Domain Scan URL
URL: https://learn.microsoft.com/en-us/windows/win32/api/rpcndr/ns-rpcndr-midl_stub_desc
Title: MIDL_STUB_DESC
Title: MIDL_STUB_DESC
Search URL Search Domain Scan URL
URL: https://github.com/silverf0x/RpcView
Title: RpcView
Title: RpcView
Search URL Search Domain Scan URL
URL: https://learn.microsoft.com/en-us/windows/win32/secauthz/security-descriptors
Title: security descriptor
Title: security descriptor
Search URL Search Domain Scan URL
URL: https://learn.microsoft.com/en-us/windows/win32/api/rpcdce/nf-rpcdce-rpcserverregisterif3
Title: RpcServerRegisterIf3
Title: RpcServerRegisterIf3
Search URL Search Domain Scan URL
URL: https://learn.microsoft.com/en-us/windows-hardware/drivers/kernel/sddl-for-device-objects
Title: Security Descriptor Definition Language
Title: Security Descriptor Definition Language
Search URL Search Domain Scan URL
URL: https://lolbas-project.github.io/lolbas/Binaries/Conhost/#execute
Title: hide the child process window
Title: hide the child process window
Search URL Search Domain Scan URL
URL: https://blog.mozilla.org/security/2024/10/11/behind-the-scenes-fixing-an-in-the-wild-firefox-exploit/
Title: blogpost
Title: blogpost
Search URL Search Domain Scan URL
URL: https://www.eset.com/int/business/services/threat-intelligence/?utm_source=welivesecurity.com&utm_medium=referral&utm_campaign=wls-research&utm_content=romcom-exploits-firefox-and-windows-zero-days-in-the-wild&sfdccampaignid=7011n0000017htTAAQ
Title: ESET Threat Intelligence
Title: ESET Threat Intelligence
Search URL Search Domain Scan URL
URL: https://github.com/eset/malware-ioc/tree/master/romcom
Title: our GitHub repository
Title: our GitHub repository
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/resources/versions/
Title: version 16
Title: version 16
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1583
Title: T1583
Title: T1583
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1587/001
Title: T1587.001
Title: T1587.001
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1587/004
Title: T1587.004
Title: T1587.004
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1588/003
Title: T1588.003
Title: T1588.003
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1588/005
Title: T1588.005
Title: T1588.005
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1588/006
Title: T1588.006
Title: T1588.006
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1608
Title: T1608
Title: T1608
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1189
Title: T1189
Title: T1189
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1053/005
Title: T1053.005
Title: T1053.005
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1546/015
Title: T1546.015
Title: T1546.015
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1068
Title: T1068
Title: T1068
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1622
Title: T1622
Title: T1622
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1480
Title: T1480
Title: T1480
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1027/011
Title: T1027.011
Title: T1027.011
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1553/002
Title: T1553.002
Title: T1553.002
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1555/003
Title: T1555.003
Title: T1555.003
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1552/001
Title: T1552.001
Title: T1552.001
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1087
Title: T1087
Title: T1087
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1518
Title: T1518
Title: T1518
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1614
Title: T1614
Title: T1614
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1021
Title: T1021
Title: T1021
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1560
Title: T1560
Title: T1560
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1185
Title: T1185
Title: T1185
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1005
Title: T1005
Title: T1005
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1114/001
Title: T1114.001
Title: T1114.001
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1113
Title: T1113
Title: T1113
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1071/001
Title: T1071.001
Title: T1071.001
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1573/002
Title: T1573.002
Title: T1573.002
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1041
Title: T1041
Title: T1041
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1565
Title: T1565
Title: T1565
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/versions/v16/techniques/T1657
Title: T1657
Title: T1657
Search URL Search Domain Scan URL
URL: https://www.facebook.com/sharer/sharer.php?u=https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/
Search URL Search Domain Scan URL
URL: https://twitter.com/intent/tweet?url=https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/
Search URL Search Domain Scan URL
URL: https://www.eset.com/?utm_source=welivesecurity.com&utm_medium=referral&utm_campaign=autotagging&utm_content=eset-research&utm_term=en
Title: ESET
Title: ESET
Search URL Search Domain Scan URL
URL: https://www.facebook.com/eset/
Search URL Search Domain Scan URL
URL: https://youtube.com/esetglobal
Search URL Search Domain Scan URL
URL: https://twitter.com/ESET
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/eset
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
58 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/ |
128 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-BookLF-405f3258.woff
www.welivesecurity.com/build/assets/ |
163 KB 167 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-BoldLF-31f4bc72.woff
www.welivesecurity.com/build/assets/ |
162 KB 165 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-DemiLF-8885b886.woff
www.welivesecurity.com/build/assets/ |
164 KB 168 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
firefox-windows-zero-days-romcom.jpeg
web-assets.esetstatic.com/tn/-x425/wls/2024/11-2024/ |
98 KB 98 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
article-header-995fa639.js
www.welivesecurity.com/build/assets/ |
442 B 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-22f82615.css
www.welivesecurity.com/build/assets/ |
299 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
damien-schaeffer.jpeg
web-assets.esetstatic.com/tn/-x45/wls/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
romain-dumont.jpeg
web-assets.esetstatic.com/tn/-x45/wls/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
firefox-windows-zero-days-romcom.jpeg
web-assets.esetstatic.com/tn/-x700/wls/2024/11-2024/ |
219 KB 220 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-1.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
74 KB 74 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-2.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
230 KB 231 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-3.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
125 KB 125 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-4.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-5.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
47 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-6.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
120 KB 120 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-7.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-8.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
74 KB 74 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-9.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
50 KB 50 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-10.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
64 KB 64 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-11.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
65 KB 65 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-12.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-13.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-14.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-15.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
107 KB 107 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-16.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
figure-18.png
web-assets.esetstatic.com/wls/2024/11-2024/romcom-firefox-zero-day/ |
29 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
welivesecurity-eset-threat-intelligence.jpeg
web-assets.esetstatic.com/wls/2023/2023-12/ |
72 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
PowerPool_0Days.jpg
web-assets.esetstatic.com/tn/-x82/wls/2018/09/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0days-pdf.jpeg
web-assets.esetstatic.com/tn/-x82/wls/2018/05/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zero-3.jpg
web-assets.esetstatic.com/tn/-x82/wls/2019/07/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
eset-apt-activity-report-q2-2024-q3-2024-d75a59c4.webp
www.welivesecurity.com/build/assets/ |
41 KB 43 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-7a4ecde0.js
www.welivesecurity.com/build/assets/ |
80 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
search-7d9f58b7.js
www.welivesecurity.com/build/assets/ |
276 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_commonjsHelpers-042e6b4d.js
www.welivesecurity.com/build/assets/ |
725 B 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prism-40494b65.css
www.welivesecurity.com/build/assets/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prism-40d1b0a4.js
www.welivesecurity.com/build/assets/ |
66 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
article-e3625c4c.css
www.welivesecurity.com/build/assets/ |
23 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
article-98874652.js
www.welivesecurity.com/build/assets/ |
140 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
table-wrapper-135558d1.js
www.welivesecurity.com/build/assets/ |
320 B 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
7R9SM-QGSYF-QDLJK-UETXR-SPM6B
s.go-mpulse.net/boomerang/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
embed.js
welivesecurity.disqus.com/ |
81 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
7R9SM-QGSYF-QDLJK-UETXR-SPM6B
s.go-mpulse.net/boomerang/ Frame 6FE7 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
373 KB 120 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
671 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-MediumLF-261e3ac5.woff
www.welivesecurity.com/build/assets/ |
166 KB 169 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-BookItalicLF-4cad214a.woff
www.welivesecurity.com/build/assets/ |
162 KB 165 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FedraSansAltPro-LightLF-ec800a5b.woff
www.welivesecurity.com/build/assets/ |
159 KB 162 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Consolas-58a1668c.woff
www.welivesecurity.com/build/assets/ |
260 KB 263 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
disqus.com/embed/comments/ Frame 153B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
event.gif
referrer.disqus.com/juggler/ |
43 B 339 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
event.gif
referrer.disqus.com/juggler/ |
43 B 339 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame F890 |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame F890 |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame F890 |
155 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 5E22 |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 5E22 |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 5E22 |
155 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.min.js
cdn.esetstatic.com/cookie-consent/v3/ |
84 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
355 KB 119 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.min.css
cdn.esetstatic.com/cookie-consent/v3/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
www.welivesecurity.com/ |
1 KB 4 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame E630 |
337 B 839 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 0AF3 |
337 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- s.go-mpulse.net
- URL
- https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B
- Domain
- s.go-mpulse.net
- URL
- https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B
Verdicts & Comments Add Verdict or Comment
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| $current_language object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart function| disqus_config object| dataLayer number| uidEvent object| __VUE_INSTANCE_SETTERS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__ object| Prism object| DISQUS object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady string| myDomain object| links object| gaGlobal object| regeneratorRuntime object| $cookiebar number| BOOMR_onload2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .welivesecurity.com/ | Name: _ga Value: GA1.1.287769360.1732686765 |
|
| .welivesecurity.com/ | Name: _ga_FBY6B30C4M Value: GS1.1.1732686764.1.0.1732686765.0.0.0 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self' https://enjoy.eset.com; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.buzzsprout.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://embed.playbuzz.com https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.buzzsprout.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to csp-endpoint; |
| Strict-Transport-Security | max-age=15724800 |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.disquscdn.com
cdn.esetstatic.com
disqus.com
referrer.disqus.com
region1.google-analytics.com
s.go-mpulse.net
web-assets.esetstatic.com
welivesecurity.disqus.com
www.googletagmanager.com
www.welivesecurity.com
s.go-mpulse.net
151.101.0.134
199.232.192.134
199.232.196.134
2001:4860:4802:34::36
2600:9000:2057:4400:6:8656:f5c0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
2a00:1450:4001:830::2008
2a02:26f0:2780:6::214:f586
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
054b1f45314c405f88ea8a751de572d5a7772859c0540153568f3791626e47fd
1158e961296af313a3fd25e0473a4c2a2cef62c92a960e02fde3885a27ed2e7d
128911ef435c0f01ae6d03f13582741c428f44a0aa95411952cdc39e7ea2b554
13d1a190e6a23400b5547645f6f047e82b37c0edbadc1bc65616e3bbe245c4e8
14b75f906762d5d50271e171d65d237b7c001cab295da34ef77120c8088bc544
1a995247efaf231683f675ce856e50e5b5d6b92f32de5fb6ccd3f9e2083fea08
1e89f784c3e9ab274916e2914975fd0cc3d26753b775c5b6612f60eadce8c6b6
2022ea97ebe9a696f86d93923a57c617a50c3bcb04fa6632712d205743fb756b
22f826157ad8eca3fb93f9360073c96b7fde99b4e3c4947b640f8677919c69f9
23a223c38b45904824f0a34625188bc89e8e3fbd95ee8e85d603713d177e179f
2528450017dfa57400ee0b800f706b0cdd436694d1930c70040d6a15e2362516
261e3ac5dbb4ba8069ecba539a13b971d2e147981f4573e993410d8bd6de0037
28f320d3140309f09153d9a196b49fd691a7f2cdbbcf6a68f84d7b1d6e632750
3015251c25c16c64f93abebdcd1f2af61bac039f223542de1868932de244c9cb
3082ead3f37130dcdc3d940a9d0da2e85250fc07acded75435468681041711bd
31f4bc726f2849a3c8f77f8432b635d2d4529a3ff80b669fc9e21b0ed1c81ea7
35b7ed1e4bfbc258ad836ca11403bb9bec55112beeae5aee8397d4391a210ee1
3ed115198f0c803d959f27d55c576fba275727d1754d7a86954e01c485aa237c
40494b653a0f9485c88432191eaace18e7dff8646f45114d6007fe19da129e34
405f32580b4440f0ddf2af9fcfd37fc9a863fde26b57b5623a9b188d61d47166
4120f4a0d3c0b333f4ec9c72a8e93594d1662ff7f5cfb15343cd1b4d4f53432b
4cad214a2eeb48599ea314d32d2685f6554fe548be21add2f606db059530506e
4d336dea7e4718cc74f89405fce95c4efc3de76b7a91cef78f903eededbd6b13
58a1668cd118c21300e88b973c712f2dbc95a8cae66ee0f92f45c976db327dcf
5bcc1c2562394410d0af32a3b0314c70b4f71e470f8162da48eb714a71e34675
606ea62b1a8a1e2b24b9e0eafef0757cea22f73f3956d6548611f7c26c4551b5
644fbb688b94c602990a4988d379d439a5151ea782e06496cb6347cbbb64e49d
6572478fbf8e29ee8109a22286fd9f82330fae739c518b58d5f37df25e17ea37
65ff1ff388ffcf377831a7d522781f280ed33725a4dc77be648bd34b81f0d968
6758ce1e52006273b0a69fe73c9ae2f3aa4468a212256fe3b5212d6a86c13f39
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
863e71a3e7db529edbd1a5c855554f2f0db6aaf45d6875f7dbdc190d3f0b18a0
8885b88667beb8538140ecc550853e59d12e85fbd73dd70d4487b6cc757d8a2b
8b67a0820b92ad626dd7204b203736274c68fa2cb1a107077d571e60f6dedf96
8d52b212d0bfa14afd4ea3e671b76b9a3558d2553d43f984691baaa96312c58b
956f61e41e263b6074a58cbcb2eb181014e8c8e277388ebd98cc0d59921577f4
9801a8f4ea755c5c62a49fd9f9692746321f3f6bcdc0e3bed555cce4a7bad924
a7def1fa0223f6d52a8d16be0dfde290883e9e2aa7911d0bfd46141eae8beabe
afc3e346900d10e57e3a6cb5711b22657afde3f39e6a8256c7b2cfd9af0091cc
b119a81f8856b3268204e015051f2949116a82e7aa931ecf1778ba3b6b26a927
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
cb9fde39a114d78f16f57e52d1d9d73338adaa0493ff7726cfb0d67b7d15eddd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d75a59c42bbb51ae80c641e02dd5c5986398825d130e81681638e2d689d8e536
d89a07786bcc2f4ef706841be00a440803449762b59a06e3330561876b3e4b18
db190a7b15903aaa80cb7d59d3a7a295818bcbeb0a17c8511817bc3e3d49cc4e
e1d94b925fb713d0a3a2d8528c9e3e4ac87d6e10ff0103d3d437ec58041b3c99
e1dff8ed16093991fa6c2b2bb97094a50e8ab172eda52cf1a1bfd250f6f27ba7
e3625c4c1b10a8e8b5fb271f45549d6d68e0a9c462062fc927709ea7ab285ca5
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
ea47c530b1c079e1d948384ec32a6f0784f15059442f49c89f48a752c3ff6d5a
ec800a5bcb2d4e57adcc0c7ec3d69427ac3e392d4a0302891dd76fb80ffd0bfd
ed915d2176566b841f0e01e7632ce7a20b023cbcb4f5976a6015284fccd8a865
eebeab159f658bdeacd97302cab8585bb8a5f9b6a2c492e2047766d78091365c
f10ef60fb36a67de15befc15d70911ffa5be3ffb7beea616f965194b5aea36b7