blog.cymulate.com Open in urlscan Pro
199.60.103.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/mq0rMBQDJ2?amp=1
Effective URL:
https://blog.cymulate.com/abusing-microsoft-office-online-video
Submission: On February 06 via manual (February 6th 2021, 3:04:49 pm UTC) from US

Summary HTTP 118 Redirects Links 65 Behaviour Indicators

Summary

This website contacted 42 IPs in 7 countries across 28 domains to perform 118 HTTP transactions. The main IP is 199.60.103.30, located in Canada and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is blog.cymulate.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2020. Valid for: a year.

This is the only time blog.cymulate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
35	199.60.103.30 199.60.103.30	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2606:4700::68... 2606:4700::6811:f2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	151.101.113.181 151.101.113.181	54113 (FASTLY) (FASTLY)
2	93.184.221.26 93.184.221.26	15133 (EDGECAST) (EDGECAST)
11	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	72.247.179.145 72.247.179.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2013	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.126.37.25 104.126.37.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.194.79 13.224.194.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.194.11 13.224.194.11	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	18.203.1.140 18.203.1.140	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.125 143.204.215.125	16509 (AMAZON-02) (AMAZON-02)
4	54.158.202.0 54.158.202.0	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
118	42

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 199.60.103.30 (Canada)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blog.cymulate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.cymulate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba20 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.113.181 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.221.26 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cdn.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.179.145 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-179-145.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.69 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f045:10:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.influ2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.influ2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.37.25 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-25.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.79 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-79.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-11.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.1.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-1-140.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-125.fra53.r.cloudfront.net

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.158.202.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-202-0.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	cymulate.com blog.cymulate.com l.cymulate.com	2 MB
12	hubspot.com no-cache.hubspot.com app.hubspot.com track.hubspot.com forms.hubspot.com	13 KB
9	vidyard.com 2 redirects play.vidyard.com cdn.vidyard.com	73 KB
9	hubspot.net cdn2.hubspot.net	122 KB
6	trendemon.com assets.trendemon.com trackingapi.trendemon.com	50 KB
6	linkedin.com 2 redirects platform.linkedin.com px.ads.linkedin.com www.linkedin.com	60 KB
5	cloudflare.com cdnjs.cloudflare.com	110 KB
4	facebook.net connect.facebook.net	153 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
3	google.de www.google.de	704 B
3	google.com www.google.com	476 B
3	doubleclick.net googleads.g.doubleclick.net	4 KB
3	influ2.com www.influ2.com t.influ2.com	4 KB
2	twitter.com platform.twitter.com	29 KB
2	facebook.com www.facebook.com	407 B
2	livechatinc.com cdn.livechatinc.com secure.livechatinc.com	25 KB
2	googletagmanager.com www.googletagmanager.com	88 KB
1	hsleadflows.net js.hsleadflows.net	77 KB
1	hs-banner.com js.hs-banner.com	14 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-scripts.com js.hs-scripts.com	968 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	googleapis.com fonts.googleapis.com	995 B
1	hsappstatic.net static.hsappstatic.net	21 KB
1	t.co t.co	511 B
118	28

	Domain	Requested by
34	blog.cymulate.com	t.co blog.cymulate.com
9	cdn2.hubspot.net	blog.cymulate.com
7	track.hubspot.com
7	play.vidyard.com	2 redirects static.hsappstatic.net
5	cdnjs.cloudflare.com	blog.cymulate.com cdnjs.cloudflare.com
4	trackingapi.trendemon.com	assets.trendemon.com
4	connect.facebook.net	t.co connect.facebook.net blog.cymulate.com
3	www.google.de	blog.cymulate.com
3	www.google.com	blog.cymulate.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.linkedin.com	1 redirects platform.linkedin.com
3	no-cache.hubspot.com	blog.cymulate.com
2	assets.trendemon.com	t.co assets.trendemon.com
2	t.influ2.com	www.influ2.com blog.cymulate.com
2	platform.twitter.com	blog.cymulate.com platform.twitter.com
2	www.facebook.com	blog.cymulate.com
2	px.ads.linkedin.com	1 redirects blog.cymulate.com
2	www.googletagmanager.com	blog.cymulate.com www.googletagmanager.com
2	cdn.vidyard.com	blog.cymulate.com
1	l.cymulate.com
1	forms.hubspot.com	js.hsleadflows.net
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	app.hubspot.com	blog.cymulate.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	www.influ2.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	blog.cymulate.com
1	cdn.livechatinc.com	blog.cymulate.com
1	static.hsappstatic.net	blog.cymulate.com
1	platform.linkedin.com	blog.cymulate.com
1	t.co
118	41

This site contains links to these domains. Also see Links.

Domain
cymulate.com
app.cymulate.com
www.facebook.com
twitter.com
www.linkedin.com
www.businesswire.com
msdn.microsoft.com
www.trendmicro.com
www.youtube.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
blog.cymulate.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2020-07-03` - `2022-07-08`	2 years	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.vidyard.com DigiCert SHA2 Secure Server CA	`2020-04-08` - `2022-07-01`	2 years	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
livechat.com DigiCert Secure Site ECC CA-1	`2020-07-16` - `2021-07-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
www.influ2.com GTS CA 1D2	`2021-01-10` - `2021-04-10`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2020-10-02` - `2021-04-02`	6 months	crt.sh
t.influ2.com GTS CA 1D2	`2020-12-18` - `2021-03-18`	3 months	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-03` - `2022-02-08`	a year	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2019-03-29` - `2021-06-26`	2 years	crt.sh
l.cymulate.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://blog.cymulate.com/abusing-microsoft-office-online-video
Frame ID: 62C2B347A2B8F0014A8040ABF1B58BB4
Requests: 113 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 80EB3E9F553F72C810CBB9D7488E9207
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fblog.cymulate.com
Frame ID: E1F54EAE17B890E84C97C3E1901E5C91
Requests: 1 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=10868396&counter=bottom&xdOrigin=https%3A%2F%2Fblog.cymulate.com&xdChannel=2019a45a-5709-4964-b04a-552c26ceba78&xd_origin_host=https%3A%2F%2Fblog.cymulate.com
Frame ID: FBC9367992065A613110C1AB9C0BF2A9
Requests: 1 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=10868396&counter=bottom&xdOrigin=https%3A%2F%2Fblog.cymulate.com&xdChannel=2019a45a-5709-4964-b04a-552c26ceba78&xd_origin_host=https%3A%2F%2Fblog.cymulate.com
Frame ID: 4D253A473AF292765DB89AB702BD3C02
Requests: 1 HTTP requests in this frame

Frame: https://play.vidyard.com/oEeGKEsoqd995kKu6vS7RG?disable_popouts=1&v=4.2.27&viral_sharing=0&embed_button=0&hide_playlist=1&color=FFFFFF&playlist_color=FFFFFF&play_button_color=2A2A2A&gdpr_enabled=1&type=inline&autoplay=0&loop=0&muted=0&hidden_controls=0&pomo=2&vydata%5Butk%5D=e865f67f72c2a58d7a903e7594374def&vydata%5Bportal_id%5D=4347852&vydata%5Bcontent_type%5D=blog-post&vydata%5Bcanonical_url%5D=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&vydata%5Bpage_id%5D=6389069793&vydata%5Bcontent_page_id%5D=6389069793&vydata%5Blegacy_page_id%5D=6389069793&vydata%5Bcontent_folder_id%5D=null&vydata%5Bcontent_group_id%5D=5759690221&vydata%5Bab_test_id%5D=null&vydata%5Blanguage_code%5D=null
Frame ID: 7B60E0FC45342A91EE8436627236A976
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/mq0rMBQDJ2?amp=1 Page URL
https://blog.cymulate.com/abusing-microsoft-office-online-video Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.livechatinc\.com\/.*tracking\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Fingerprintjs (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /fingerprint(\d)?(?:\.min)?\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.linkedin\.com\/in\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

118
Requests

99 %
HTTPS

68 %
IPv6

28
Domains

41
Subdomains

42
IPs

7
Countries

2824 kB
Transfer

5236 kB
Size

15
Cookies

65 Outgoing links

These are links going to different origins than the main page.

URL: https://cymulate.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cymulate.com/

Search URL Search Domain Scan URL

URL: https://cymulate.com/platform
Title: PLATFORM

Search URL Search Domain Scan URL

URL: https://cymulate.com/use-cases/
Title: Use Cases

Search URL Search Domain Scan URL

URL: https://cymulate.com/email-gateway/
Title: Email Gateway

Search URL Search Domain Scan URL

URL: https://cymulate.com/web-gateway/
Title: Web Gateway

Search URL Search Domain Scan URL

URL: https://cymulate.com/web-application-firewall/
Title: Web Application Firewall

Search URL Search Domain Scan URL

URL: https://cymulate.com/phishing-awareness/
Title: Phishing Awareness

Search URL Search Domain Scan URL

URL: https://cymulate.com/endpoint-security/
Title: Endpoint Security

Search URL Search Domain Scan URL

URL: https://cymulate.com/lateral-movement/
Title: Lateral Movement

Search URL Search Domain Scan URL

URL: https://cymulate.com/data-exfiltration/
Title: Data Exfiltration

Search URL Search Domain Scan URL

URL: https://cymulate.com/immediate-threat-intelligence/
Title: Immediate Threats Intelligence

Search URL Search Domain Scan URL

URL: https://cymulate.com/full-kill-chain-apt/
Title: Full Kill-Chain APT

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/overview
Title: COMPANY

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/overview#leadership
Title: Leadership

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/overview#board
Title: Board

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/overview#investors
Title: Investors

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/overview#research
Title: Research Unit

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/overview#our_team
Title: Our Team

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://cymulate.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://cymulate.com/partners/
Title: Partners

Search URL Search Domain Scan URL

URL: https://cymulate.com/partners#sec_2
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://cymulate.com/partners#sec_1
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://cymulate.com/partners#sec_3
Title: Partners Central

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources
Title: Resources

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources/
Title: Collateral

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources/news/
Title: News

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources/news#news_section
Title: In the News

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources/news#pr_section
Title: Press Releases

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources/news#awards_section
Title: Awards

Search URL Search Domain Scan URL

URL: https://cymulate.com/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://app.cymulate.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://cymulate.com/free-trial
Title: free trial

Search URL Search Domain Scan URL

URL: https://cymulate.com/schedule-a-demo
Title: Schedule a demo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.cymulate.com/abusing-microsoft-office-online-video&title=Abusing%20Microsoft%20Office%20Online%20Video&picture=https://l.cymulate.com/hubfs/Blog%20-25-1.png&description=%20Cymulate%E2%80%99s%20research%20team%20has%20discovered%20a%20way%20to%20abuse%20the%20Online%20Video%20feature%20on%20Microsoft%20Word%20to%20execute%20malicious%20code.%20Attackers%20could%20use%20this%20for%20malicious%20purposes%20such%20as%20phishing,%20as%20the%20document%20will%20show%20the%20embedded%20online%20video%20with%20a%20link%20to%20YouTube,%20while%20in%20fact%20a%20html/javascript%20code%20is%20running%20in%20the%20background%20that%20potentially%20could%20lead%20to%20further%20code%20execution%20scenarios.
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/share?source=https://blog.cymulate.com/abusing-microsoft-office-online-video&text=Abusing%20Microsoft%20Office%20Online%20Video%20-%20https://blog.cymulate.com/abusing-microsoft-office-online-video

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://blog.cymulate.com/abusing-microsoft-office-online-video&title=Abusing%20Microsoft%20Office%20Online%20Video&summary=%20Cymulate%E2%80%99s%20research%20team%20has%20discovered%20a%20way%20to%20abuse%20the%20Online%20Video%20feature%20on%20Microsoft%20Word%20to%20execute%20malicious%20code.%20Attackers%20could%20use%20this%20for%20malicious%20purposes%20such%20as%20phishing,%20as%20the%20document%20will%20show%20the%20embedded%20online%20video%20with%20a%20link%20to%20YouTube,%20while%20in%20fact%20a%20html/javascript%20code%20is%20running%20in%20the%20background%20that%20potentially%20could%20lead%20to%20further%20code%20execution%20scenarios.

Search URL Search Domain Scan URL

URL: https://www.businesswire.com/news/home/20181025005616/en/Cymulate-Finds-Logical-Bug-Microsoft-Office-Suite
Title: here

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/hh772332(v=vs.85).aspx
Title: msSaveOrOpenBlob

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_us/business/products/all-solutions.html?_ga=2.246909824.56643921.1542550565-987354932.1542290912
Title: Trend Micro™ XGen™ security

Search URL Search Domain Scan URL

URL: https://cymulate.com/terms-and-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://cymulate.com/platform/email-gateway
Title: Email Security

Search URL Search Domain Scan URL

URL: https://cymulate.com/platform/web-gateway
Title: Web Gateway

Search URL Search Domain Scan URL

URL: https://cymulate.com/platform/web-application-firewall
Title: Web Application

Search URL Search Domain Scan URL

URL: https://cymulate.com/platform/phishing-awareness
Title: Phishing

Search URL Search Domain Scan URL

URL: https://cymulate.com/platform/endpoint-security
Title: Endpoint

Search URL Search Domain Scan URL

URL: https://cymulate.com/platform/lateral-movement
Title: Lateral Movement

Search URL Search Domain Scan URL

URL: https://cymulate.com/platform/data-exfiltration
Title: Data Exfiltration

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/overview#aboutus
Title: About Us

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/overview#researchunit
Title: Research Unit

Search URL Search Domain Scan URL

URL: https://cymulate.com/company/overview#ourteam
Title: Our Team

Search URL Search Domain Scan URL

URL: https://cymulate.com/partners#findapartner
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://cymulate.com/partners#becomeapartner
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://cymulate.com/partners/partners-central/
Title: Partners Central

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources/collateral/
Title: Collateral

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources/news#inthenews
Title: In the News

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources/news#pressreleases
Title: Press Releases

Search URL Search Domain Scan URL

URL: https://cymulate.com/resources/news#awards
Title: Awards

Search URL Search Domain Scan URL

URL: https://cymulate.com/resource_type/events/
Title: EVENTS

Search URL Search Domain Scan URL

URL: http://app.cymulate.com/login
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cymulate/

Search URL Search Domain Scan URL

URL: https://twitter.com/CymulateLtd

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company-beta/10868396

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC1QIoFAsCjk238tQDIguONw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/mq0rMBQDJ2?amp=1 Page URL
https://blog.cymulate.com/abusing-microsoft-office-online-video Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://play.vidyard.com/oEeGKEsoqd995kKu6vS7RG.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/70fe0b7a1dfa635997d921.jpg

Request Chain 52

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120269&time=1612623871641&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D120269%26time%3D1612623871641%26url%3Dhttps%253A%252F%252Fblog.cymulate.com%252Fabusing-microsoft-office-online-video%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120269&time=1612623871641&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&liSync=true

Request Chain 104

https://play.vidyard.com/oEeGKEsoqd995kKu6vS7RG.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/70fe0b7a1dfa635997d921.jpg

118 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 mq0rMBQDJ2 Show response
t.co/ 344 B
511 B 195ms
142ms Document
text/html 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/mq0rMBQDJ2?amp=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

fb1701fe8f79a13f4285dfc5604333aa7a505ca42a16d846d6ba6ba2f474eaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /mq0rMBQDJ2?amp=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 202
content-type: text/html; charset=utf-8
date: Sat, 06 Feb 2021 15:04:30 GMT
expires: Sat, 06 Feb 2021 15:09:30 GMT
server: tsa_f
set-cookie: muc=ce375f97-1724-4dfd-9ca8-92b7f2535078; Max-Age=63072000; Expires=Mon, 06 Feb 2023 15:04:30 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: de4a55b54fdaf8925c62001b8408fe38
x-response-time: 117
x-xss-protection: 0

GET
H2 200 Primary Request abusing-microsoft-office-online-video Show response
blog.cymulate.com/ 80 KB
14 KB 1004ms
943ms Document
text/html 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cymulate.com/abusing-microsoft-office-online-video

Requested by

Host: t.co
URL: https://t.co/mq0rMBQDJ2?amp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

a7c5f7ef6f56673187bea1ebd252b17428ff70e1344954bd577e44e38841b81d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Request headers

:method: GET
:authority: blog.cymulate.com
:scheme: https
:path: /abusing-microsoft-office-online-video
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/mq0rMBQDJ2?amp=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://t.co/mq0rMBQDJ2?amp=1

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d441c626e927f8a33702139c3024e72691612623870; expires=Mon, 08-Mar-21 15:04:30 GMT; path=/; domain=.blog.cymulate.com; HttpOnly; SameSite=Lax __cfruid=392c54a92d064b3c07c67c061c3c2c33db9321bf-1612623871; path=/; domain=.blog.cymulate.com; HttpOnly; Secure; SameSite=None
cache-control: s-maxage=10800, max-age=0
etag: W/"9249d9d3bcdac8c250fcfe794a9f9789"
last-modified: Sat, 06 Feb 2021 09:59:07 GMT
strict-transport-security: max-age=0
cf-cache-status: EXPIRED
cache-tag: CT-6389069793,CG-5759690221,P-4347852,L-9514672875,L-9514997162,L-9520300796,W-10021181699,CW-10067292000,CW-28077902350,CW-5608897986,CW-5608897991,CW-5608898434,CW-5608898447,CW-5608898455,CW-5608898463,CW-5608898464,CW-5609598491,CW-5609598623,CW-5609598635,CW-9515693035,CW-9517380878,E-9514997204,E-9515047132,MENU-10021181699,PGS-ALL,SW-0
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-6389069793,CG-5759690221,P-4347852,L-9514672875,L-9514997162,L-9520300796,W-10021181699,CW-10067292000,CW-28077902350,CW-5608897986,CW-5608897991,CW-5608898434,CW-5608898447,CW-5608898455,CW-5608898463,CW-5608898464,CW-5609598491,CW-5609598623,CW-5609598635,CW-9515693035,CW-9517380878,E-9514997204,E-9515047132,MENU-10021181699,PGS-ALL,SW-0
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-combine-css: Disabled
x-hs-content-id: 6389069793
x-hs-hub-id: 4347852
x-powered-by: HubSpot
cf-request-id: 08197890c1000072930a132000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 61d5c3946fb87293-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-1.7.1.js Show response
blog.cymulate.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
33 KB 70ms
67ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cymulate.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 d2322e4264977966de69a888b2e0eba9.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 728486
cf-ray: 61d5c39a6a9b7293-AMS
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789485000072930a164000000001
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: T8WVFUsrTDif4K8cF4JbOtSn3IrB06M7XBnorKZIvj5oD3jo5oHqQg==
expires: Sun, 06 Feb 2022 15:04:31 GMT

GET
H2 200 module_10067292000_Cymulate_May2019_Theme_Header_Popup.min.css
blog.cymulate.com/hs-fs/hub/4347852/hub_generated/module_assets/1559292585630/ 2 KB
1 KB 345ms
343ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/module_assets/1559292585630/module_10067292000_Cymulate_May2019_Theme_Header_Popup.min.css
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83edf3ef706d5b6e0356cf4eb9cb2eb549b75629544b5c9a5839574e06f2dda1

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD89-C1
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8B9B9C2B5135EFF5
x-amz-id-2: hpVVRVEfOCxJxyudfOG34JNfEGNcScnoRKvtn8CF807IO66qaEVi7Jl9lDTDu3ofZnq9qn2vgyk=
last-modified: Fri, 31 May 2019 08:49:46 GMT
server: cloudflare
etag: W/"f21b755a976f9ee375dd94666b9f07b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 3lIcPiBHCXZx5R_nSb5dcj6KtmIBugzW
cf-request-id: 081978947c000072930aa1b000000001
cf-ray: 61d5c39a5a937293-AMS
x-amz-cf-id: _8EVpvM4hu5gaXmEZtc7688AubAEyYpxtcSBKxYxrQD6mbD1WtN4QQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 module_28077902350_author-box.min.css
blog.cymulate.com/hs-fs/hub/4347852/hub_generated/module_assets/28077902350/1586845253495/ 928 B
685 B 382ms
380ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/module_assets/28077902350/1586845253495/module_28077902350_author-box.min.css
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7fba3c84cf907b348f7a052e5e6a3d42d75c9105a9e96bde91a64f52f7402b2

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 88b63cb2f8aab28c7291262ffc15282f.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD89-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9D09BB1EC2C624EF
x-amz-id-2: qObSj3wv/GCrUY2p/CSizhg2E4TO/tfNrAN+JyKUAerRlYnU3HOVILaaIoQ1bO3NgNiX13iuIBk=
last-modified: Tue, 14 Apr 2020 06:20:54 GMT
server: cloudflare
etag: W/"3acc078fbb175920201e1789105dad69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: N46Spsmk6sAxtlb01uEr7fFPusY1OSmS
cf-request-id: 081978947c000072930b0e0000000001
cf-ray: 61d5c39a6a957293-AMS
x-amz-cf-id: L1lESr8oNuDfTUHADVpTDp7l-JhwX_qbFdBLfwy5igtvs3BqFx6p_w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 rss_post_listing.css
blog.cymulate.com/hs/hsstatic/AsyncSupport/static-1.94/sass/ 910 B
544 B 70ms
68ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cymulate.com/hs/hsstatic/AsyncSupport/static-1.94/sass/rss_post_listing.css

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 946220429f157f0f0ada3caf7d8642cc.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 149366
x-amz-server-side-encryption: AES256
cf-ray: 61d5c39a6a967293-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789482000072930c126000000001
last-modified: Thu, 04 Feb 2021 19:41:00 GMT
server: cloudflare
etag: W/"e1b521ec14a912d6d385c21388ec7d79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: poR_HfzOwGppYdgImYO54h7K5fIDNnah
cache-control: public, max-age=31536000
x-amz-cf-pop: MXP64-C3
content-type: text/css
x-amz-cf-id: CPisKuN6JkqrmM2cccCemPQ1YELGHK98B2L73vF0b8Mu6BToBvMcYA==
expires: Sun, 06 Feb 2022 15:04:31 GMT

GET
H2 200 module_9515693035_Site_Search_Input_-_CYM_Blog_2019.min.css
blog.cymulate.com/hs-fs/hub/4347852/hub_generated/module_assets/1557395645834/ 565 B
685 B 365ms
363ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/module_assets/1557395645834/module_9515693035_Site_Search_Input_-_CYM_Blog_2019.min.css
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a594ed19e2a1c508889da563841d1479c5bd43666f6336e26f06cb34f1601842

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD89-C1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 772D186490FF5D68
x-amz-id-2: vUNefK4LC0r7e6JkGlotrLNxP2aW7kx5ETfyjtoEnbCxd/e3XlZQjguVcigFdYhiikq68p0Wwzg=
last-modified: Thu, 09 May 2019 09:54:06 GMT
server: cloudflare
etag: W/"97b5599484c0592f6e76c984ca18afc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: w12gykqQBEghTWZcCtHQ09D5WI20LG4y
cf-request-id: 081978947d000072930e33a000000001
cf-ray: 61d5c39a6a997293-AMS
x-amz-cf-id: Z1AMCVEHbQonJ8l_fdGRzC78nSCCRytijyCBuRX7cFE8nFTTd_jtTw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 181 KB
55 KB 37ms
6ms Script
text/javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: dd09ac569606839a91da1ec3b96ffa4e75cf303ffd0ea8a733c4e1befb8c8e12

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-LI-UUID: mxdAaKEvYRYghc5T6CoAAA==
Date: Sat, 06 Feb 2021 15:04:31 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-efr5
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 55606
X-CDN: AKAM
X-Li-Fabric: prod-lva1
Expires: Sat, 6 Feb 2021 15:41:51 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1612537463320/hubspot/hubspot_default/shared/responsive/ 5 KB
2 KB 36ms
18ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1612537463320/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 86000
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
cf-request-id: 081978948600003140461c4000000001
last-modified: Fri, 05 Feb 2021 15:04:24 GMT
server: cloudflare
etag: W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1612537463320
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-C1
cf-ray: 61d5c39a6fb63140-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 style.css
blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/ 83 KB
14 KB 367ms
366ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 864b8707cd72323dd2d64b94718d2f24344905c72bdd40d4464d215d21794187

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 814e6200dbb5865e94b7b0c1ba6129fe.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6T2V6P3SEYBW0X4Y
x-amz-id-2: pQt//8cpaLL96K4LiUtzh68Mphbp2jRv5XkJGiH5avLZPUhDGpQuo4EETKGOizuVO51PfjN4dc0=
last-modified: Mon, 01 Feb 2021 16:57:33 GMT
server: cloudflare
etag: W/"3dde7a3f529e68fb79b052c8f994d4cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1612198652617
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: lcQtF4Lkh6WtZi1mamHjI3jF5wEsRyro
cf-request-id: 081978947e000072930a163000000001
cf-ray: 61d5c39a6a9a7293-AMS
x-amz-cf-id: 3dTtKffqbeCzkt76Yfim-EpEqYrhECoi1DII7m-2nJA8wrpVgjQbAw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 23ms
22ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 232375
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 081978947e0000d705e7946000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iv4A3hRYVRnVNoEsS1b4y%2BwhzbX5P2FlrVWqxBTYaVa14hm3bFiLq1vthug1%2B9zPI5Aw99glaFJjsbOMiREmO8MX9DB6CVs%2B2lxN3h8ujXjel6dpQpfJCuKrYcvHn651Ow%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61d5c39a6977d705-FRA
expires: Thu, 27 Jan 2022 15:04:31 GMT

GET
H2 200 logo%20navbar%20sticky_-01-1.svg
blog.cymulate.com/hubfs/ 5 KB
3 KB 48ms
41ms Image
image/svg+xml 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.cymulate.com/hubfs/logo%20navbar%20sticky_-01-1.svg
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c8f72f231f90815a3ac8bb2f2df915df57f7ddaca44ca5cc4d0dd361e50add0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 2e0227ef3f0af98f7b4e1f8452f59f84.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-10417865463,P-4347852,FLS-ALL
age: 523438
edge-cache-tag: F-10417865463,P-4347852,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DA6F4DD2B130D076
cf-request-id: 08197896180000729320126000000001
x-amz-id-2: JiTl1KBPvPLAa+WEXxdc+sstUj7Xm2RP8P2rDEeuFLfMdODJAzfG5SZ2pvECumXtsBugKrhC0Os=
last-modified: Wed, 12 Jun 2019 04:57:38 GMT
server: cloudflare
etag: W/"503c96e041414e1b57b37866d390e4be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: vmXzKZ.J0MwONK7wvpgpkKi2hGCNAPWc
x-amz-cf-pop: AMS54-C1
cf-ray: 61d5c39cfb757293-AMS
x-amz-cf-id: XNv6PhZ6anW1fobXDDjAEymWjTrU56XAaQRsVaeS-nF4o-H78uf0Eg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 12 KB
3 KB 12ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 240779
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2695
cf-request-id: 08197895ea0000d705ceb68000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-31fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xhve5qadT0RAm5X4sCNnY6JLrdXTk%2BNIG8qLoKBzqDv21kZFJulu%2BWVe5CggAV8BrANdnC8JzDXGe7ceoM75dYAFc%2FuZxpkVO31VpS4ViKNJDy1g0XIfDsxtUH4iOAxzXQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61d5c39cad3bd705-FRA
expires: Thu, 27 Jan 2022 15:04:31 GMT

GET
H2 200 jquery.fancybox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 67 KB
19 KB 12ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1022410
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19249
cf-request-id: 08197895f40000d705a991a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-10a9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yf9qLdT5bSPuTQ4nTzVfeO4eWfNUal6Z9FeEh4xfHFHTjqwGk2ItQ%2FQFTDH1VzCFZGtvhPQdFklnKL9%2BhAg1MwQepCjtRNwSDWbXLWboe96aHwyiXal66adxnR3cCWaAxw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61d5c39cbd58d705-FRA
expires: Thu, 27 Jan 2022 15:04:31 GMT

GET
H2 200 Blog%20-25-1.png
blog.cymulate.com/hubfs/ 1 MB
1 MB 879ms
872ms Image
image/png 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.cymulate.com/hubfs/Blog%20-25-1.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc488dfd42f9683e353e3afb4bf03ea9b135f42f55c69941cff0d6833a363afc

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
via: 1.1 6e44e48abc671a9155ea845c36f68921.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cache-tag: F-29235304023,P-4347852,FLS-ALL
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
cf-ray: 61d5c39cfb767293-AMS
edge-cache-tag: F-29235304023,P-4347852,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 525073FB5E6555B8
cf-request-id: 0819789618000072930aa31000000001
accept-ranges: bytes
last-modified: Mon, 11 May 2020 16:53:45 GMT
server: cloudflare
etag: "c696c98da128d960f5589275beb593a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-amz-id-2: XfksW7vu7cnWBNhox8KPbjsf5I5FVEg8TUokgDX2xN7fYWeBprQv5faGIQkHx2YmKBD9wZPAXL8=
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: bl6oF25uutNTOcVJtyagzxdHqMQmUGHa
content-length: 1090081
x-robots-tag: all
x-amz-cf-id: P1tInBtrelxFemx6K3W1TNaEtPzWaROvSBHFslou25RWG0hlo714iA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Microsoft-Office_Pic1.png
blog.cymulate.com/hs-fs/hubfs/ 29 KB
29 KB 322ms
316ms Image
image/png 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.cymulate.com/hs-fs/hubfs/Microsoft-Office_Pic1.png?width=1560&name=Microsoft-Office_Pic1.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a378521c3ae908ddec654b184e54d219162aed71e92dcbe802b46e082ed7cf

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 14d757a67b913f1bc93427e69819362d.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C1
edge-cache-tag: F-6389332455,P-4347852,FLS-ALL
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29264
cf-request-id: 081978961900007293110d8000000001
last-modified: Thu, 25 Oct 2018 13:52:41 GMT
server: cloudflare
etag: "cd724fc122f759e19a3bdd5455ac72ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 61d5c39cfb777293-AMS
x-amz-cf-id: wTS-JgsKHYPbrnqhyWBp8JTqHQYeYIxDZmBw6DKW7msp2435VkcOMQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Microsoft-Office_Pic2.png
blog.cymulate.com/hs-fs/hubfs/ 106 KB
106 KB 362ms
356ms Image
image/png 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.cymulate.com/hs-fs/hubfs/Microsoft-Office_Pic2.png?width=533&name=Microsoft-Office_Pic2.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2a26767a06d5bff8d6e44bb43f9de930fa73eadb3a48bcd538c49ce2a03f814

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 f2c051917a765f1d1a1cd2ce1622adb9.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-6389333002,P-4347852,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 108055
cf-request-id: 0819789623000072930b94e000000001
last-modified: Thu, 28 Jan 2021 11:27:12 GMT
server: cloudflare
etag: "c1712f3999ba34dba89cde9677a3d93e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 61d5c39d0b807293-AMS
x-amz-cf-id: hNLh0UjQTuIjsu2vhaeOwRtqGLazZCZ7ncMvN_6yP9tZu-d2VMIV7A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Microsoft-Office_Pic3.png
blog.cymulate.com/hs-fs/hubfs/ 7 KB
7 KB 388ms
382ms Image
image/png 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.cymulate.com/hs-fs/hubfs/Microsoft-Office_Pic3.png?width=263&name=Microsoft-Office_Pic3.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e6d7f9acccf48d98a70464c7e0053d7fe2a5ddfd9c29efe88d878b6dd7c6893

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 b5e757a7da6f6fe6261f56a8a9646881.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C1
edge-cache-tag: F-6389114506,P-4347852,FLS-ALL
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7369
cf-request-id: 0819789623000072930c13b000000001
last-modified: Thu, 25 Oct 2018 13:54:10 GMT
server: cloudflare
etag: "44ac7b0d4ee86c56096f8327bf57d27b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 61d5c39d0b827293-AMS
x-amz-cf-id: lTitqnGN1WJn1J1C6UY2dzpdGsvK_xUNKf6cSot7tNNuo0hJi_KFpQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Microsoft-Office_Pic4.png
blog.cymulate.com/hs-fs/hubfs/ 129 KB
130 KB 57ms
51ms Image
image/png 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.cymulate.com/hs-fs/hubfs/Microsoft-Office_Pic4.png?width=1908&name=Microsoft-Office_Pic4.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658450265dca307ea621905710fd2d9cca1ba06c3abe16d46e4a882b24b9548d

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 c9bc0840da506c3f9fd4715a063463a7.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 496609
cf-polished: origSize=133425, status=webp_bigger
edge-cache-tag: F-6389334235,P-4347852,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 132421
cf-request-id: 08197896240000729319b8f000000001
last-modified: Thu, 25 Oct 2018 13:54:57 GMT
server: cloudflare
etag: "2f2b532233e46f87601648da1df22552"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 61d5c39d0b837293-AMS
x-amz-cf-id: VAGh101s6ZBv0u6gz5TdFVXTprFXVwwQ2k6O4TQTpua9N4N6zmo7Ww==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2

200

70fe0b7a1dfa635997d921.jpg
cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/
Redirect Chain

https://play.vidyard.com/oEeGKEsoqd995kKu6vS7RG.jpg
https://cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/70fe0b7a1dfa635997d921.jpg

35 KB
35 KB

75ms
18ms

Image
image/jpeg

93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/70fe0b7a1dfa635997d921.jpg
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8A8E) /
Resource Hash: 0c255ee55786844ef620977da89a0824f32e4f28e606a7a4a6cd2b8f0d44e33f

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
age: 418187
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-request-id: 2Q9S8SFN1K6Y8G5M
x-amz-id-2: kSoweuoykAb0qK8T8zqI1u+NEguQRoihr2JhiUopdflUAwV0Lfh4Ggoe78SM6FLN7wtxYJtwVjE=
accept-ranges: bytes
last-modified: Thu, 25 Oct 2018 13:20:37 GMT
server: ECAcc (ama/8A8E)
etag: "1b668f2152d35096d673a73c91c07a30"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: image/jpeg
access-control-allow-origin: *
x-amz-version-id: 0yiEgfQDsHkG9XLZqXkwbeHRd2jBXm4Z
content-length: 35503

Redirect headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 106
x-served-by: cache-hhn4078-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/70fe0b7a1dfa635997d921.jpg
x-timer: S1612623872.559500,VS0,VE109
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 24061485-015e-43ba-a3bb-877a1134ee08.png
no-cache.hubspot.com/cta/default/4347852/ 777 B
1 KB 205ms
183ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/4347852/24061485-015e-43ba-a3bb-877a1134ee08.png

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d32c6bbb85a00b4b318379c9ae55e15525c1440e9d0df9e37d56c07a9d60db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 092429FAA0D93AB0
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 777
x-amz-id-2: 18Lcs4g1PrOf8+SB/B/wcsFjV2vRhsf0CUnMkpHsGhl9QdxpFEDxaJsXVw0JeGbXodWbhyTJUKE=
last-modified: Fri, 18 Sep 2020 15:15:25 GMT
server: cloudflare
etag: "85a91622629d4870a419a53d4a4269d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KVYtXgCDZ%2F7O6txjP16bpsyjrd4q1XJdngkrXqd1mdK6LmMmshD94%2F82mmPRSs3ZyPM%2FNj7nSuGlYMgiYS24ywFnhwR%2BzoApW37s9TzWh99vv78rHRPZM7y1mbVn%2BX3xeQ%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
cf-request-id: 081978962100004a8cb8348000000001
accept-ranges: bytes
cf-ray: 61d5c39d0d704a8c-FRA

GET
H2 200 current.js Show response
blog.cymulate.com/hs/cta/cta/ 9 KB
4 KB 215ms
207ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs/cta/cta/current.js
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d537c73a183af229ef7622aff821e6989b2af4aec2ec5c94b0feb880ccf9ff43

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 ac28147bf6a75debb0811f62b6224e6f.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.13/bundles/current.js&cfRay=61d5c39d06ad7293-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789618000072930c13a000000001
cf-ray: 61d5c39ceb6e7293-AMS
last-modified: Thu, 17 Dec 2020 10:02:59 UTC
server: cloudflare
etag: W/"e2b6ea57f1792d2ac9d3d00f2e4a08a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: f35WRlnM5g3wg9pH.9BpK5UaA_5BzvJ_
cache-control: max-age=600
access-control-allow-credentials: false
x-hs-cache-status: HIT
content-type: application/javascript; charset=utf-8
x-amz-cf-id: zaPCoSTn_kltT_UjktqqlVmBLf60VIM-7tU1kl9u3iRPROi3wdVdSA==

GET
H2 200 Profile%20pics_0001_simu218.jpg
blog.cymulate.com/hubfs/ 38 KB
38 KB 888ms
883ms Image
image/jpeg 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.cymulate.com/hubfs/Profile%20pics_0001_simu218.jpg
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b11144e4fa24a678ff1086916331aa413d191afe03c50ae63ebe08253f453b

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be41.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cache-tag: F-28625306826,P-4347852,FLS-ALL
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-28625306826,P-4347852,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FBC60472CF122070
cf-request-id: 081978962400007293110d9000000001
accept-ranges: bytes
last-modified: Wed, 22 Apr 2020 13:16:36 GMT
server: cloudflare
etag: "960c540f3ffe352f548902302e21c35c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-amz-id-2: p4hbOtlyx4SmAOQPEn6nPH0DrR8XPcwhTbMoP7uRhP5J+soBu6rnwQueXTti2mL/AZpRqGuCZVo=
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: .3Os8qoCXPOKAsDPp0EkhvZH68inCkgp
content-length: 38547
cf-ray: 61d5c39d0b847293-AMS
x-amz-cf-id: IfGi0d1GTJYEYPEc3Eqxb07xV0FIL6gXcgDmJPJb6vmj-6Py-PLBoA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 dots.png
blog.cymulate.com/hubfs/ 322 B
881 B 72ms
67ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.cymulate.com/hubfs/dots.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dc2bef932f50381f871a9a9a2c71cab2e652ec8e751c4fdaa63ee4599f17634

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 697a26790d3ab8292d8546ca9be87bbd.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-28086433754,P-4347852,FLS-ALL
age: 767191
cf-polished: origFmt=png, origSize=418
edge-cache-tag: F-28086433754,P-4347852,FLS-ALL
content-disposition: inline; filename="dots.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3HCPFG9M1T9N5H5M
cf-request-id: 0819789625000072930c966000000001
x-amz-server-side-encryption: AES256
accept-ranges: bytes
last-modified: Tue, 07 Apr 2020 10:49:46 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "ef0c75f09fffe8006b823c5a83bf61e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: bgeUf9bXp9nRWN6pYMLyrlP/jBGoVMXOg+02QVBelbYEpVUey9FKidLeKk4gp7hE38tzUWMNXMo=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: liI5qVXugkBUvaIQ2kixLt4WZwj.qoXG
x-amz-cf-pop: AMS54-C1
content-length: 322
cf-ray: 61d5c39d0b857293-AMS
x-amz-cf-id: NjaP2liDByjcyB5DOjYAgtd4161j4kjyyA8I64EfX-DQOiALIsCKoQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 3f4582e4-c1d9-47f2-8f28-5b499731140a.png
no-cache.hubspot.com/cta/default/4347852/ 843 B
1 KB 198ms
176ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/4347852/3f4582e4-c1d9-47f2-8f28-5b499731140a.png

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8171e927158615ce07dfa965f8c89066755b1d1eaa06486bd7cae9a14608586e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CD5432C0100B1D77
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 843
x-amz-id-2: 8yE9tuEgLzR70bfU8jG7l9C6DIfMLuNcXSp6dy9cmFK6eE+Vu/S9o993CSAsO85Hd5RVc6I4bmI=
last-modified: Fri, 18 Sep 2020 15:15:26 GMT
server: cloudflare
etag: "13344b6b25e10593f29f7ed638c0c797"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YY8Ox4n17P1tvS3ikx8gZ8jY0TzZvtEps6PNB3tb%2BmcrR8EzwibSY6LvpiB2iVWSKI8H%2BVXHkgoobWqPKjeEegdyaDipIMSVXzN%2FdtjqX7%2Ff51zy3BsQ7vGrts%2FNVaucCg%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
cf-request-id: 081978962100004a8ccd094000000001
accept-ranges: bytes
cf-ray: 61d5c39d0d724a8c-FRA

GET
H2 200 69c6963a-9616-43ac-ab7c-b47e23857b06.png
no-cache.hubspot.com/cta/default/4347852/ 2 KB
2 KB 195ms
174ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/4347852/69c6963a-9616-43ac-ab7c-b47e23857b06.png

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d97e06fde636b7a37c49f4147f922c39aae4b3585e12dce9254a5010cf77c71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3E79E0E942CCB806
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1591
x-amz-id-2: jWDaOj2AXiK6r7AG8uyd00Ta3852lqNxFa8fi6LDec1zLKwqC6EIxBFxVekqK4R367ereNdfFvY=
last-modified: Fri, 18 Sep 2020 15:15:33 GMT
server: cloudflare
etag: "78898ba0e02bb221fe62b23da942956b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eVAsKoDYyx23bZRxdTaUTXIjM1NCD1KMvA5V8V3Pec7AkYeDTDz79giMWM9jtR6Vs9DbxYQhkAg%2Bm5I65uHOiN7I2JHM1ehWZpFIav3KKyNui18sjsnmqIm72hPbIfnT5g%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
cf-request-id: 081978962200004a8c78a38000000001
accept-ranges: bytes
cf-ray: 61d5c39d0d734a8c-FRA

GET
H2 200 Footer_logo.png
blog.cymulate.com/hs-fs/hubfs/ 1 KB
2 KB 72ms
67ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.cymulate.com/hs-fs/hubfs/Footer_logo.png?width=126&name=Footer_logo.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c99964f42621481efa8df4184670d19aebb72e96b8cffcff99f77c05d353491

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 2ad0cde89ab58d454177893ae4447f50.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 505850
cf-polished: origFmt=png, origSize=2932
edge-cache-tag: F-9520932154,P-4347852,FLS-ALL
content-disposition: inline; filename="Footer_logo.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1046
cf-request-id: 0819789629000072930c967000000001
x-cache: RefreshHit from cloudfront
last-modified: Thu, 09 May 2019 12:21:40 GMT
server: cloudflare
etag: "ee82a7fc0a3b9f2503fc3721e0283581"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 61d5c39d0b867293-AMS
x-amz-cf-id: ONDnso_6mmtfg6V_7fReBPLnkpyZ9YVTJ66_K69OyHHokIGL-Simyw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 script.js Show response
blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9515047132/1569580580730/Cymulate_May2019_Theme/ 8 KB
2 KB 260ms
253ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9515047132/1569580580730/Cymulate_May2019_Theme/script.js
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: da7d289d6002dc002eab964666c029798c4fe054f3bb7bda6b0438b90961cf45

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 7b32163caf7e91fe96df7bbeaa58c0f9.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD89-C1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2A77C0D0C542EF0F
x-amz-id-2: fJ+FXfmD7xN8ad2iB+IAdtSYTlBmRKtdgJrKZfUM8m4XCVjSJ6iECin69GQ8oLPcJqSsvJVnicc=
last-modified: Fri, 27 Sep 2019 10:36:21 GMT
server: cloudflare
etag: W/"8060f9bc2d68880bb8a5ed232661ab4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: SKwdVfmiJXYHy.hgTQtXTFkQED2uwGJ6
cf-request-id: 08197896160000729310288000000001
cf-ray: 61d5c39ceb6f7293-AMS
x-amz-cf-id: cxmb9gJJy8JaFyGLgsLIYDRyo4Dt2wwk2MG3TEhfcnqbYYuPy_CjVg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 project.js Show response
blog.cymulate.com/hs/hsstatic/cos-i18n/static-1.27/bundles/ 1 KB
748 B 79ms
72ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cymulate.com/hs/hsstatic/cos-i18n/static-1.27/bundles/project.js

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f99c65ea3d6186991a21add80eeea6d79500fcb3c9d8263680e0de270e0753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 558534
x-amz-server-side-encryption: AES256
cf-ray: 61d5c39ceb707293-AMS
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789616000072930da1f000000001
last-modified: Wed, 19 Aug 2020 22:31:39 GMT
server: cloudflare
etag: W/"d0cd32f08bf823a0389da03beed61887"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 2tzxWhBqhFrbWNOKYsoHIauxtaBoTuuO
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: soQ7PyQo2fFN9Stdqd30woinh7DLaCWFu-rFJShmrUbyH0lwVAxi8g==
expires: Sun, 06 Feb 2022 15:04:31 GMT

GET
H2 200 project.js Show response
blog.cymulate.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
891 B 47ms
40ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cymulate.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 2288452
x-amz-server-side-encryption: AES256
cf-ray: 61d5c39ceb717293-AMS
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789617000072930e34a000000001
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: V8bjcBzqcCl0hLPw7abTrhzadYDzEc-jLvkdhTlPXQW83BLQNP49zw==
expires: Sun, 06 Feb 2022 15:04:31 GMT

GET
H2 200 v4.umd.js Show response
static.hsappstatic.net/vidyard-embed/static-1.38/js/ 65 KB
21 KB 45ms
21ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/vidyard-embed/static-1.38/js/v4.umd.js

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1abacd83c2489f4007138d51612677a9ed38b2f7b08f626f2c9acf0566e6a184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2365065
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081978962200002c36399aa000000001
last-modified: Mon, 04 Jan 2021 20:00:52 GMT
server: cloudflare
etag: W/"ef95bdbbe9927055699499b98035303c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rM1l3GPO%2BfFODAxjA9uvaBvZtBHnbIgJUXy7px4CRBLdh1CEI5ujGh4d0rosWHKVwVK00qoGZhfD6SYbAE9jJOwIJ4McKlB3QOztfPToh1VRlZ5%2BVXAp2CP1429yK8uREagZ"}],"max_age":604800}
x-amz-version-id: y4Eo1x_OLgJ29MYrJOx1R7.iPKtRa9cS
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 61d5c39d0ee52c36-FRA
x-amz-cf-id: Axhe4OdTJO28MamnbNKDhxLP74SBME6mjPTF11RBKJmBqGTBZ-i0uQ==
expires: Sun, 06 Feb 2022 15:04:31 GMT

GET
H2 200 v2.js Show response
blog.cymulate.com/_hcms/forms/ 520 KB
127 KB 75ms
68ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cymulate.com/_hcms/forms/v2.js

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f31a335ef4afee665755556d8d50cfb3239d80601283c56af47c339f887a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 4db130e87be66fce9731567ae0669c56.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 107
x-amz-server-side-encryption: AES256
cf-ray: 61d5c39ceb727293-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789617000072930b94d000000001
last-modified: Wed, 03 Feb 2021 03:28:54 UTC
server: cloudflare
etag: W/"2b49c17e03a5c2f522eedf069cfb79a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: qFuEFzmMzpEnwV6.DIVDel5RqtXWWdE5
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: qRuZDicd_Rf1j_mCwYJu1oDker039a2OFf2qR8udKsMWE2VyySzYfw==

GET
H2 200 post_listing_asset.js Show response
blog.cymulate.com/hs/hsstatic/AsyncSupport/static-1.94/js/ 3 KB
2 KB 48ms
42ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cymulate.com/hs/hsstatic/AsyncSupport/static-1.94/js/post_listing_asset.js

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a7d6a52225baae5c38ae3c75b025f025798ab05aed480fa2d4650fb94efc90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 4a239bcf6999860d9ff48f3a45dc801d.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 149360
x-amz-server-side-encryption: AES256
cf-ray: 61d5c39cfb737293-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789617000072930c964000000001
last-modified: Thu, 04 Feb 2021 19:41:00 GMT
server: cloudflare
etag: W/"a058929d27817bc3ab980554f0b7b6b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: vw6NHeRjFw2qMsQaM2YHLdRjrqNqs.9g
cache-control: public, max-age=31536000
x-amz-cf-pop: BRU50-C1
content-type: application/javascript
x-amz-cf-id: o8dS13LcaOpScCBUp7G14W7dZejGvvb3RKCUjUwYQdKoqP-lxa7hNg==
expires: Sun, 06 Feb 2022 15:04:31 GMT

GET
H2 200 module_9515693035_Site_Search_Input_-_CYM_Blog_2019.min.js Show response
blog.cymulate.com/hs-fs/hub/4347852/hub_generated/module_assets/1557395645777/ 3 KB
1 KB 313ms
307ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/module_assets/1557395645777/module_9515693035_Site_Search_Input_-_CYM_Blog_2019.min.js
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cd7852f01450b7b252b0cb6c20d46cc5c66fd38e389f9d5a6acfd56450a05a9

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 baddfcb4f2a6876b4fcc03bcd62427ef.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD89-C1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 73C4865E42283857
x-amz-id-2: YgrPlMP5NdMWbpxnLfMkIjK5I2BcQOTsd77tGR6I8rIA23KsjmuY76tl9T/cHRWbg36wGEjQ56o=
last-modified: Thu, 09 May 2019 09:54:06 GMT
server: cloudflare
etag: W/"4fffad5f12792422cca81aef5d4e20c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: IPFQrz1CfnbdQODnvWNRNfXf210W_7vP
cf-request-id: 08197896180000729319b8e000000001
cf-ray: 61d5c39cfb747293-AMS
x-amz-cf-id: pBjAYfVm1Sonl72ugE5nXjW5iXtI9F-c_Evrkv3AAbMvUAiRX_3VRQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 4347852.js Show response
blog.cymulate.com/hs/scriptloader/ 2 KB
690 B 169ms
165ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs/scriptloader/4347852.js
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903b13132264cac0b9bd9550b7d3cda93a619f8f3a1f41a83a5743d31dde1f91

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2BC35EE7C94EC422060A0D8F1F9589AF30FAF0E604000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 61d5c39d0b877293-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08197896250000729315a1c000000001
expires: Sat, 06 Feb 2021 15:05:31 GMT

GET
H2 200 index.js Show response
blog.cymulate.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/ 10 KB
4 KB 72ms
68ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cymulate.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 654547
x-amz-server-side-encryption: AES256
cf-ray: 61d5c39d0b887293-AMS
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081978962a0000729315a1d000000001
last-modified: Mon, 14 Sep 2020 20:19:23 GMT
server: cloudflare
etag: W/"e669ca94e2fffafc96a88184dda30834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: RcBG9DPSu_6ZVzKnktPJ4cTzKi_y_4VM
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: vWHekJma-Eq_TH-bJgYFx3y5DXarM-nh1X4rfnK6ukB3szdLbYfpmw==
expires: Sun, 06 Feb 2022 15:04:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 143 KB
49 KB 38ms
34ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Q2VT3C

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1db14aeaa014c82f321c124ea0c9c6076d57fa5e280cd778dfa0bb83c2a7c2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50152
x-xss-protection: 0
expires: Sat, 06 Feb 2021 15:04:31 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 76 KB
24 KB 117ms
38ms Script
application/javascript 72.247.179.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.179.145 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-179-145.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b54f7147a709caad6b5fc1189f210290ddcc3d10e5702953b57cc6e36bcea99b

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: yzswOH2Ovq1HpGwRYH1utap.ZZplSc3e
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 14:58:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"a48e63cde05fd9c0562552e31f3f66a1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Sat, 06 Feb 2021 15:04:31 GMT
content-length: 23867
x-amz-cf-id: wiv17wkUI-Ej-YiY0l0FqyIcMUucaEoCeruaXAo7PEUE-wZr2IuhGg==
expires: Sat, 06 Feb 2021 23:04:31 GMT

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ 34 KB
6 KB 12ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.css

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 239215
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5565
cf-request-id: 08197896060000d7050796f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-893e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0NBMsHyIPrfkPbKDgeGle5Rtld7I8PqZWUEY3Jc2Pxw5uylmg3stF0evRFaohXAMey7tq%2FDanICPMRgwfge1DEzR1X9UTbSUFhaixLVdN4Q1N5kpAcx%2Fg51AFlO757tONA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61d5c39cdd80d705-FRA
expires: Thu, 27 Jan 2022 15:04:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
995 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dc1c85eb3766b923eb1898f16d2f09541f2f94523929e58154ce17b0d71bded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 15:01:29 GMT
server: ESF
date: Sat, 06 Feb 2021 15:04:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Feb 2021 15:04:31 GMT

GET
H2 200 CYM_blog_shape.png
cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Images/ 364 B
1 KB 24ms
21ms Image
image/webp 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Images/CYM_blog_shape.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba89dba8839ab2bbaee4cf70a05c5b2fa173d20840e314df5a88b3161123c77

Request headers

Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-9549879512,FD-9515375031,P-4347852,FLS-ALL
age: 752344
cf-polished: origFmt=png, origSize=2244
edge-cache-tag: F-9549879512,FD-9515375031,P-4347852,FLS-ALL
content-disposition: inline; filename="CYM_blog_shape.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 8A475C477EF6A6A3
cf-request-id: 0819789622000031400ca3a000000001
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Fri, 10 May 2019 06:12:56 GMT
server: cloudflare
etag: "18d52e43ff8280fda12d95dcba53af90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: uNEENAmbNztosD0N1wHbUiJt1GYI3Uog+YxMt3jAjw7dNbuIpe+NL1c/66houUJSRu4vlzQKZag=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: Mncc_aVabxsZyqkHwqHmwOi5kCldDCgF
x-amz-cf-pop: DUS51-C1
content-length: 364
cf-ray: 61d5c39d0d9e3140-FRA
x-amz-cf-id: qsLiLJIGjPcaCu7Z431P9BQAJ5TwsvByHMfmWOpFeTIN3r0p-e3-lg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 left-curve.png
cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Images/ 6 KB
7 KB 24ms
22ms Image
image/webp 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Images/left-curve.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e8c8ba12080155fcbc4363da974556439841f23600b4d92aab07262a06cd65

Request headers

Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-9551282860,FD-9515375031,P-4347852,FLS-ALL
age: 752344
cf-polished: origFmt=png, origSize=13928
edge-cache-tag: F-9551282860,FD-9515375031,P-4347852,FLS-ALL
content-disposition: inline; filename="left-curve.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 479FB4321E53B585
cf-request-id: 0819789622000031404d8de000000001
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Fri, 10 May 2019 08:49:31 GMT
server: cloudflare
etag: "eee1e44e061e8b7e7f8a820d1b315c96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: FtUX5YuXXFEoo9NLawcdTTsnN9jb5Xv8iAQobaFCulR63A837G1d8iS3sgXprzp+bO//qTM9a8k=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: OeEnO2rGf2UUHIpKI9odsBDLLFIT6bg.
x-amz-cf-pop: DUS51-C1
content-length: 6584
cf-ray: 61d5c39d0da13140-FRA
x-amz-cf-id: Inkx2OxxeBVXcIFpfe6QX8gpKjacleKUrbL1nl6eKP5ge3kHwM9KCA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 DINPro-Regular.woff2
cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Fonts/ 28 KB
28 KB 50ms
30ms Font
application/font-woff2 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Fonts/DINPro-Regular.woff2
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586448340ecc1127dcd487d166b8db746ffb3d085d39b1134824cf3b72e7d71b

Request headers

Origin: https://blog.cymulate.com
Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-9520146673,FD-9520062884,P-4347852,FLS-ALL
age: 1148271
edge-cache-tag: F-9520146673,FD-9520062884,P-4347852,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: D13DE431A693B71A
cf-request-id: 081978963400001762528e9000000001
x-amz-id-2: mhrdUmDVtDbrgDywa8bd8gyNWfAa9vGyFPNNh/D0fSI3ZJjhHPpGfIw8wl7UxAGdqJyv0jMeaRg=
accept-ranges: bytes
last-modified: Thu, 09 May 2019 10:59:55 GMT
server: cloudflare
etag: "0a10d7fdad4821bd368c8a089db235cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: yn1SSeb5s5o9lBfmJx5NJk3gF9t5ZtHg
x-amz-cf-pop: MXP64-C2
content-length: 28160
cf-ray: 61d5c39d1d3a1762-FRA
x-amz-cf-id: 4JZx8UebdQX72a9dEEvUpBNHMHIKtbtJj9Ef6zVPhq9bYMwTgdukrA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 DINPro-Medium.woff2
cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Fonts/ 28 KB
29 KB 49ms
30ms Font
application/font-woff2 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Fonts/DINPro-Medium.woff2
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a396b1b16cea7f65e7756049c43a4a0dfeed78710acf556059836665597410bb

Request headers

Origin: https://blog.cymulate.com
Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-9520248113,FD-9520062884,P-4347852,FLS-ALL
age: 742578
edge-cache-tag: F-9520248113,FD-9520062884,P-4347852,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 17F1379C94F881ED
cf-request-id: 081978963400001762f6a4e000000001
x-amz-id-2: lAH+Rjt5oZAOCbR+f8xkNaaAtOlqW0o/5y1ZskQCpWPNGPw4fQbFvop4Wrp+5Gw1ausZzWFY9zA=
accept-ranges: bytes
last-modified: Thu, 09 May 2019 10:59:55 GMT
server: cloudflare
etag: "80ca698ba1ed0a59606059eb18c840c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 9_p_rDy6TvCz2w9LSI6qeyiApTkhlJq5
x-amz-cf-pop: FRA50-C1
content-length: 28392
cf-ray: 61d5c39d1d401762-FRA
x-amz-cf-id: YZeP8_cwx7Vwevsf-eFBXi9l9kPuJJHn90Ikl0OZbyMwV8A5v6TJJA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blog.cymulate.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 22:00:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 234232
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 03 Feb 2022 22:00:39 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 16ms
16ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.cymulate.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 839701
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 081978964d0000175619b27000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GTIrfpmrP%2FYj22As1Yg8hl2t69nCwiqm6InfyXfFOFBX2sA%2BNDVqMi3pSGrrnOdGmZd7AmFh6Jmih1nPKlGSz7Rmhrj9Sc4wDqE1Le1gfYTnV%2FBgiRhWTg0dETMpwpcFqw%3D%3D"}],"max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61d5c39d4b3c1756-FRA
expires: Thu, 27 Jan 2022 15:04:31 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 97ms
46ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q2VT3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c4eb51f22f568120cf9ab08fbeae1a5369ec10fd7dba0ceba07038b07a9a9975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12189
x-xss-protection: 0
server: cafe
etag: 7685221537260973389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 06 Feb 2021 15:04:31 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q2VT3C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 15:04:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=51477
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 hotjar-1311496.js Show response
static.hotjar.com/c/ 3 KB
2 KB 53ms
53ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1311496.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q2VT3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

a8c880dd0790e800303e6dc5f7b36bb80c43f77a48162ffb1e5c8f5b0c2af938

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/1fa0750ac53c24e79e529c1582d7b9d4
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1559
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-id: -Ctv-y7fMcw9435bJUDI9ReuCsxrw1uRZxDvBZ3ocRGj131k0oPvMw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/mq0rMBQDJ2?amp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: JFhjEZzKg7muLU5RoKeYt4b3Z2GJByj2KkJ589PdG0hhfdx90qHkNuEEKoTQ+wQTvD+yQw2slqEUDN9eWQqZcA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 06 Feb 2021 15:04:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4347852.js Show response
js.hs-scripts.com/ 2 KB
968 B 149ms
132ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4347852.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q2VT3C
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: debf9be5fa27a943e18e84b697f530c0e0f98be467093e4d2b95fe4184394fe8

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B2765E34D64F6854B5AB1F04AE9F24A016D4CAA45000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://blog.cymulate.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 61d5c39ddb20dff3-FRA
cf-request-id: 08197896a50000dff33b34a000000001
expires: Sat, 06 Feb 2021 15:05:31 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 62ms
46ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-859674832

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q2VT3C

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

472e8c0c00549be6e21cdd1aada60f6d623b5fe0711bcfe31382c41f1aa81e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38987
x-xss-protection: 0
expires: Sat, 06 Feb 2021 15:04:31 GMT

GET
H2 200 tracker Show response
www.influ2.com/ 6 KB
2 KB 449ms
424ms Script
application/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.influ2.com/tracker?clid=1c42c346-fd98-4322-b42c-ffbb21f3f3ec

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q2VT3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d105d6ec90c9471c9df8b097df27225098d028461b4c062f29e9c12cb6dd1b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Feb 2021 15:04:32 GMT
x-frame-options: DENY
content-type: application/javascript
via: 1.1 google
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120269&time=1612623871641&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D120269%26time%3D1612623871641%26url%3Dhttps%253A%252F%252Fblog.cymulate.com%252Fa...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120269&time=1612623871641&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&liSync=true

0
81 B

211ms
211ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120269&time=1612623871641&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&liSync=true
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: jzYXHd4wYRaguQkslysAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: 7ORxFd4wYRbweQQ0USsAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 8E80625014984975BBBB35717EBB93A7 Ref B: FRAEDGE0815 Ref C: 2021-02-06T15:04:31Z
date: Sat, 06 Feb 2021 15:04:31 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120269&time=1612623871641&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK get_dynamic_config.js Show response
secure.livechatinc.com/licence/8604904/v2/ 1 KB
1 KB 195ms
147ms Script
application/javascript 104.126.37.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/8604904/v2/get_dynamic_config.js?t=1612623871645&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&referrer=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&channel_type=code&jsonp=__75sqiorfts
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.25 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb172aa971d8ce31afac5516fda40d5a4a5caa04d857beac7e2fe312a9ec8a33

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Feb 2021 15:04:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 554
Expires: Sat, 06 Feb 2021 15:04:31 GMT

GET
H2 200 201397790656822 Show response
connect.facebook.net/signals/config/ 240 KB
70 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/201397790656822?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15e1bbb8bbc9cbe4c847b189ad6785528821069d1e060a5eb2ee45310f04d83b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: OYUeW9k2+v3uDfzjn7qNMUB0isAJrwTutEiRl/0YGmzlc0ElOvvzbiEpikmPdCUl4oeP9Lx4wKe9SfRCjlXZUg==
x-fb-trip-id: 664085054
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 06 Feb 2021 15:04:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1946363824
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.a688a4aac2767469ffa8.js Show response
script.hotjar.com/ 223 KB
59 KB 29ms
29ms Script
application/javascript 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a688a4aac2767469ffa8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1311496.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-79.fra2.r.cloudfront.net

Software

Resource Hash

c4f2cf347897564c6ff41e3fc763a35be2640c03958b9b13f00acb6e6502e78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 14:32:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88332
x-cache: Hit from cloudfront
content-length: 59922
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 14:29:04 GMT
etag: "e7b82a18126cbe85cded24fd39a16300"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QdrAto0KPav4X5bBIt_1eBNtpYrVNbeiIHzC_wO9W1gDY9IN-kHCjg==

GET
H2 200 search.png
cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Images/ 248 B
977 B 24ms
23ms Image
image/webp 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Images/search.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd15540e9703d4d9f9d76ebf010ca7ecea9c82f7fdcd7e3a7002f3c55d26c81

Request headers

Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 7c3241a948c4d88d2b9d7793615eaf0c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-9549878887,FD-9515375031,P-4347852,FLS-ALL
age: 742578
cf-polished: origFmt=png, origSize=1215
edge-cache-tag: F-9549878887,FD-9515375031,P-4347852,FLS-ALL
content-disposition: inline; filename="search.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: EBDA3B078C8BFD5D
cf-request-id: 08197896eb000031405fb1c000000001
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Fri, 10 May 2019 05:52:07 GMT
server: cloudflare
etag: "a2985766578b2a65cdeef0ce32c63a4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: EI1C54TrLVjrPGxw6DeK/70cD3V8ZFfvYmodG1+rpw95CWMsRl5VRRA/vlSEGidrQxY4IWrIxhc=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: ZNAuIlccIH.nE7mW0zhkVyX09enPDvqS
x-amz-cf-pop: MXP64-C2
content-length: 248
cf-ray: 61d5c39e48803140-FRA
x-amz-cf-id: JfHDAAk3qfHa8yarmHCcK5CRwkyXq6232DoVsodtXTR1g7-t5NHSaA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 DINPro-Light.woff2
cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Fonts/ 27 KB
27 KB 23ms
23ms Font
application/font-woff2 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Fonts/DINPro-Light.woff2
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe23ba186c08e6fe4e8a81ef68d43634849a889d592e8803b81ec6280fb7430

Request headers

Origin: https://blog.cymulate.com
Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 aa89236c3ef628703c4b8322e4ce6d96.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-9520146672,FD-9520062884,P-4347852,FLS-ALL
age: 742578
edge-cache-tag: F-9520146672,FD-9520062884,P-4347852,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: AB05935A80471B83
cf-request-id: 08197896eb00001762fe1cc000000001
x-amz-id-2: U1JEHbUbAHIU7UI72XfrCL5bUStCVoMSHqNdaSxHJqISJ1/KrDYW48YgtCeto1jddTwPX2Ez/co=
accept-ranges: bytes
last-modified: Thu, 09 May 2019 10:59:55 GMT
server: cloudflare
etag: "9e897c13ed87038d0060eba71edda081"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: se4fWqi83zB4OuBEZXt2_PTCelfuKU5x
x-amz-cf-pop: MXP64-C2
content-length: 27456
cf-ray: 61d5c39e4f561762-FRA
x-amz-cf-id: rXdbfR552SAlucSsmIBVm_fc9ZeBlMJueCn87sQfjg0ViPEnxcYlBg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859674832/ 2 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859674832/?random=1612623871767&cv=9&fst=1612623871767&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&ref=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&tiba=Abusing%20Microsoft%20Office%20Online%20Video&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92deebbe766a1c87d652dbffd62afba6e1ad7e8feae7536bfd6d838ed5631f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7ec5e130-82c7-4475-a51d-b0f2f70b341b Show response
blog.cymulate.com/_hcms/forms/embed/v3/form/4347852/ 44 KB
6 KB 424ms
423ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cymulate.com/_hcms/forms/embed/v3/form/4347852/7ec5e130-82c7-4475-a51d-b0f2f70b341b?callback=hs_reqwest_0&hutk=

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f89d212a3195ce5ad940348fd58d62c5bed91bfc3846b498b04b0f849514efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789742000072930a180000000001
server: cloudflare
x-trace: 2B5EA6331D187A7EF6B56F7E6BC83DF2F835E68B8F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 61d5c39edc2e7293-AMS

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 13ms
13ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=201397790656822&ev=PageView&dl=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&rl=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&if=false&ts=1612623871820&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1612623871819.627312101&it=1612623871659&coo=false&rqm=GET

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 06 Feb 2021 15:04:31 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/859674832/ 42 B
108 B 22ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859674832/?random=1612623871767&cv=9&fst=1612623600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1r0&sendb=1&frm=0&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&ref=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&tiba=Abusing%20Microsoft%20Office%20Online%20Video&async=1&fmt=3&is_vtc=1&random=3685116125&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859674832/ 42 B
108 B 24ms
22ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859674832/?random=1612623871767&cv=9&fst=1612623600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1r0&sendb=1&frm=0&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&ref=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&tiba=Abusing%20Microsoft%20Office%20Online%20Video&async=1&fmt=3&is_vtc=1&random=3685116125&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 29ms
12ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4347852.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3399b34b280df0bae72875db0c8920320cc6b8ce3e64413541fdcb7fd53a2a8f

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:31 GMT
via: 1.1 f37f104903bda438e8b0547be6e0c193.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 511
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.222/bundles/pixels-release.js&cfRay=61d5b7204cb61f25-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0819789787000006148ea28000000001
last-modified: Fri, 29 Jan 2021 04:30:45 UTC
server: cloudflare
etag: W/"c8d54dcba2e9466890079ae550d834bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: tMGfNCDI8YaArCWxgAwYbahB1RP10YKq
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 61d5c39f3a850614-FRA
x-amz-cf-id: M_FRrvs_v6tzpGhzpRp2SSFZjbDl3C0iTaPWToKFD52w2WX9RqVzBA==

GET
H2 200 4347852.js Show response
js.hs-analytics.net/analytics/1612623600000/ 61 KB
19 KB 174ms
157ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1612623600000/4347852.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4347852.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6facbd4f4309baacf2be6355eccebf06db24b7c83b3b2fe8ecdb54d84bd3ab3e

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: B52C7ABD9CA677B1
x-amz-server-side-encryption: AES256
cf-ray: 61d5c39f58e618e5-FRA
x-amz-id-2: hDq1Lj7CJOadj6HCY76HvLdCtDAWm74QEjtN9m1kDWTBJT05m7FKAgwzspzs1i/3KjFNFHHFjIQ=
last-modified: Tue, 02 Feb 2021 22:17:09 GMT
server: cloudflare
etag: W/"5d3c3a497aaba9edc2085d448e459c47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 0819789794000018e55005c000000001
content-type: text/javascript
expires: Sat, 06 Feb 2021 15:09:31 GMT

GET
H2 200 4347852.js Show response
js.hs-banner.com/ 57 KB
14 KB 83ms
65ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4347852.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4347852.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4957959e393bc48b462139b6821d1939e6306026a202aac73ef8d4725663925

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=ErMeug==, md5=Ou7F5ISjsgrR9ehvj7wJWg==
date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-Uz_mCEy-9jPFMiQG7KQHhUiRXq3nKiT0qdzkvqZrxXfXaqIRcA3nLRL_UNuf_dpEI5eqT5Noh8RTxazKCzx2-A
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 081978978900002bb95c0d1000000001
timing-allow-origin: *
last-modified: Tue, 05 Jan 2021 17:55:32 GMT
server: cloudflare
etag: W/"3aeec5e484a3b20ad1f5e86f8fbc095a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1609869332009841
access-control-allow-origin: https://cymulate.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 58298
cf-ray: 61d5c39f4b9c2bb9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Sat, 06 Feb 2021 15:09:31 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 448 KB
77 KB 148ms
129ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4347852.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ed6ce02b6c75337190849469779a4bd41848b76017521bf4544f268c011ad4

Request headers

Origin: https://blog.cymulate.com
Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
via: 1.1 368146333bf1a1071e8432a7d4e41e1a.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.969/bundle/main/lead-flows-release.js&cfRay=61d5c39f4c1fd6c5-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 08197897890000d6c5d4878000000001
last-modified: Thu, 17 Dec 2020 10:03:39 UTC
server: cloudflare
etag: W/"a566ab0a8f74bc7424c04febd0ea0ce7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: rhp8gAMuDbTLsXApeWVaA5lKkewB4A5p
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: HIT
cf-ray: 61d5c39f4c1fd6c5-FRA
x-amz-cf-id: nbunsyzQHONOFk6yYRFUldHVz8MGIKAZ3harxl6roK8BMxCh9yeRBA==

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42ae69e4b46e4d54d697eb5bd33277fcdb888537d05d8f29bf5b654d32f87c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: PayTO/nfiecCm21RUJFwDg==
cross-origin-resource-policy: cross-origin
expires: Sat, 06 Feb 2021 15:15:10 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: MBnHtPpmldZ4b7Ri97IVM3N88l6Km4qq34KFRFsvEiQx7ZI+RFWB/vMa8wiGSto5LSesGRbMxMh20ByOj2Vovw==
x-fb-trip-id: 664085054
x-fb-content-md5: bde8a4f821ee571ab267e5f5345ed275
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 06 Feb 2021 15:04:31 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "fc1718dfc6423da42ed0410d47a417fc"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 60ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B90) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 15:04:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1344
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28698
x-tw-cdn: VZ
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (amb/6B90)
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 postlisting Show response
blog.cymulate.com/_hcms/ 2 B
209 B 159ms
159ms XHR
application/json 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/_hcms/postlisting?blogId=9514745502&maxLinks=5&listingType=popular_all_time&orderByViews=true&hs-expires=1644141546&hs-version=2&hs-signature=AJ2IBuE_tj9lYgVyfdFih_McYLIDjN1J0g&currentUrl=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&referrer=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs/hsstatic/AsyncSupport/static-1.94/js/post_listing_asset.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 61d5c39f4c547293-AMS
date: Sat, 06 Feb 2021 15:04:32 GMT
cf-cache-status: MISS
server: cloudflare
x-trace: 2BAF7DD9EABA4B5BC970F11B9A4324F1F4DAF6020B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
cf-request-id: 081978978a00007293110e6000000001

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
379 B 129ms
127ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=4347852&callback=jsonpHandler

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-trace: 2B31F4A64B3BDC4984B77BBB2FEC7A94931935D81A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BC4OjtzKOUqU89kVcygvWsC%2F8JwWIrJX3gL8LwQDlg%2F6RoVMobXIjMh6wGA3XuPdgtbUlb5LOedomDIlTH%2FFY2Iwus%2B8KG4fsY%2B6Jx19Q9g1fP3U5MX5u2hExsA%3D"}],"max_age":604800}
cache-control: max-age=0
access-control-allow-credentials: false
cf-ray: 61d5c39f3aca4a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081978978800004a8ccdb18000000001

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859674832/ 2 KB
2 KB 62ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859674832/?random=1612623871895&cv=9&fst=1612623871895&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&ref=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&tiba=Abusing%20Microsoft%20Office%20Online%20Video&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1734d4621abc92f690f833950140db49c8e4af7fc8b3b849a4677ca0b36ce8ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 191 KB
58 KB 37ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=26d09f1db77c25892cc700626c580caa&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

616e352c6521d217a4a55a8121a61a3c4de45f54a395bf805c26700d7b981b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://blog.cymulate.com
Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jQ74/93vqiwccz5ggrXnMQ==
cross-origin-resource-policy: cross-origin
expires: Sun, 06 Feb 2022 13:27:38 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58481
x-fb-rlafr: 0
x-fb-debug: NvrCWObgKoI1IrdvhxEfEgDkKzNMqhy9hs6Pg86xzpacHdamvhWvHEEtXbsmd5V8hyUhA8Zp1ziFcnL8S1W5fg==
x-fb-trip-id: 664085054
x-fb-content-md5: cac57dfc31085c081679eb2773fa5e62
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 06 Feb 2021 15:04:31 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e8c51e1cc6e9efde5b17df3145942002"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 80EB 0
0 32ms
31ms Document
text/html 13.224.194.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1311496.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-11.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Tmd12SC0dKEXtyL17iKrk0JjYhTS1HgiNHBF6NrSDYAd2e8Qv02pWw==
age: 6473008

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame E1F5 0
0 14ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fblog.cymulate.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B94) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 718272
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 06 Feb 2021 15:04:31 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B94)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/859674832/ 42 B
289 B 51ms
51ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859674832/?random=1612623871895&cv=9&fst=1612623600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&ref=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&tiba=Abusing%20Microsoft%20Office%20Online%20Video&async=1&fmt=3&is_vtc=1&random=3543503717&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/859674832/ 42 B
530 B 48ms
34ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859674832/?random=1612623871895&cv=9&fst=1612623600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&ref=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&tiba=Abusing%20Microsoft%20Office%20Online%20Video&async=1&fmt=3&is_vtc=1&random=3543503717&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1311496/ 152 B
305 B 107ms
39ms XHR
application/json 18.203.1.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1311496/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.a688a4aac2767469ffa8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.1.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-1-140.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859674832/ 2 KB
1 KB 131ms
131ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859674832/?random=1612623871975&cv=9&fst=1612623871975&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1r0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&ref=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&tiba=Abusing%20Microsoft%20Office%20Online%20Video&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc3cbe04a215d7fc5e1d7bd79c9b1c7b343e7a95eacfdf47a53794ed0964878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FollowCompany.js Show response
www.linkedin.com/pages-extensions/ 1 KB
2 KB 221ms
221ms Script
application/javascript 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany.js?version=0.1.154

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37

Security Headers

Name	Value
Content-Security-Policy	default-src ; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: ; font-src data: ; child-src blob: ; style-src 'unsafe-inline' 'self' static-src.linkedin.com .licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com .ads.linkedin.com .licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri https://www.linkedin.com/platform-telemetry/csp?f=nf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'none'; connect-src 'self' www.linkedin.com www.google-analytics.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://linkedin.sc.omtrdc.net/b/ss/ static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; script-src 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src dms.licdn.com; child-src blob: *; frame-src 'self' lnkd.demdex.net linkedin.cdn.qualaroo.com; manifest-src 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=g
content-length: 487
x-li-uuid: 8uXLGt4wYRaQ041aJCsAAA==
pragma: no-cache
last-modified: Fri, 01 Feb 1980 00:00:00 GMT
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 0C471F2AB52A48BB98576154284E95DA Ref B: FRAEDGE0815 Ref C: 2021-02-06T15:04:31Z
date: Sat, 06 Feb 2021 15:04:31 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store
etag: "0d5996903a338db3f8b9a98aa27af4bf99008627"
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri https://www.linkedin.com/platform-telemetry/csp?f=nf
accept-ranges: bytes
x-li-proto: http/2
x-li-fabric: prod-lor1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
t.influ2.com/u/ 63 B
284 B 160ms
136ms XHR
text/plain 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.influ2.com/u/?cb=1612623872092
Requested by: Host: www.influ2.com
URL: https://www.influ2.com/tracker?clid=1c42c346-fd98-4322-b42c-ffbb21f3f3ec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: b2db3b4baa9412ef8a513e8a82a1a5997c90d30022ed883003fe7d446dd7b2be

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://blog.cymulate.com
date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: Accept-Encoding
via: 1.1 google
content-type: text/plain; charset=utf-8

GET
H2 200 /
t.influ2.com/p/vt/ 597 B
797 B 144ms
120ms Image
image/jpeg 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.influ2.com/p/vt/?a=&clid=1c42c346-fd98-4322-b42c-ffbb21f3f3ec&caid=&cb=1612623872092&s=&dt=Abusing%20Microsoft%20Office%20Online%20Video&ref=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d267998c3594ce7f02341a5a8ef2b2705627f2552960e332d73747022406a30b

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Feb 2021 15:04:32 GMT
via: 1.1 google
access-control-allow-credentials: true
content-length: 597
content-type: image/jpeg

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/859674832/ 42 B
79 B 23ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859674832/?random=1612623871975&cv=9&fst=1612623600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1r0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&ref=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&tiba=Abusing%20Microsoft%20Office%20Online%20Video&async=1&fmt=3&is_vtc=1&random=3584632638&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/859674832/ 42 B
66 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859674832/?random=1612623871975&cv=9&fst=1612623600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1r0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&ref=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&tiba=Abusing%20Microsoft%20Office%20Online%20Video&async=1&fmt=3&is_vtc=1&random=3584632638&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 blank.png
cdn2.hubspot.net/hubfs/2240956/Lobtec-2016/Image/ 0
0 270ms
269ms Image
text/html 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/2240956/Lobtec-2016/Image/blank.png
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 DINPro-Bold.woff2
cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Fonts/ 27 KB
28 KB 35ms
35ms Font
application/font-woff2 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4347852/Cymulate_May2019/Fonts/DINPro-Bold.woff2
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294ba1871aa2e4af1af8365cb7b0d8fa583ad958d7b4b5e7e324a949fc8b4749

Request headers

Origin: https://blog.cymulate.com
Referer: https://blog.cymulate.com/hs-fs/hub/4347852/hub_generated/template_assets/9514997204/1612198652617/Cymulate_May2019_Theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
via: 1.1 36be2c773789c1382b13900c0a0f5725.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-9520248110,FD-9520062884,P-4347852,FLS-ALL
age: 742578
edge-cache-tag: F-9520248110,FD-9520062884,P-4347852,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: A2A843AA736757C7
cf-request-id: 08197899060000176209119000000001
x-amz-id-2: StabRfohiQ/BXzhrCH1dbOwrcd/RjTag5e41qRRlhQKsEp/Dspa2X53qWowna2gXw/S3laNInQY=
accept-ranges: bytes
last-modified: Thu, 09 May 2019 10:59:54 GMT
server: cloudflare
etag: "356ee933f094f17abfbf2cad2e23ad7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: kCMGbOT8vi451mRjcoquR.PVX1G1n0Hw
x-amz-cf-pop: MXP64-C2
content-length: 28088
cf-ray: 61d5c3a1ad7b1762-FRA
x-amz-cf-id: 4WIRehwfrncHZnUvcaUPAPfLU5i5GqVoCAADTXfwmsAv6UjaUdTq4w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET FollowCompany
www.linkedin.com/pages-extensions/ Frame FBC9 0
0

GET
H2 200 FollowCompany
www.linkedin.com/pages-extensions/ Frame 4D25 0
0 236ms
236ms Document
text/html 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany?id=10868396&counter=bottom&xdOrigin=https%3A%2F%2Fblog.cymulate.com&xdChannel=2019a45a-5709-4964-b04a-552c26ceba78&xd_origin_host=https%3A%2F%2Fblog.cymulate.com

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src ; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: ; font-src data: ; child-src blob: ; style-src 'unsafe-inline' 'self' static-src.linkedin.com .licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com .ads.linkedin.com .licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri https://www.linkedin.com/platform-telemetry/csp?f=nf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.linkedin.com
:scheme: https
:path: /pages-extensions/FollowCompany?id=10868396&counter=bottom&xdOrigin=https%3A%2F%2Fblog.cymulate.com&xdChannel=2019a45a-5709-4964-b04a-552c26ceba78&xd_origin_host=https%3A%2F%2Fblog.cymulate.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: UserMatchHistory=AQIDDM1b2YqJ3QAAAXd3338kZfhQFyZ3eBjanSsKLfr0oNrgrBONeElzbvvhkn2URXHikvz1cD4; bcookie="v=2&60f627b0-6ff9-45a4-867b-f854f54b2caa"; lidc="b=OGST07:s=O:r=O:g=1925:u=1:i=1612623871:t=1612710271:v=1:sig=AQGXjj8cSryaJrZH4DUkYK3k_7kGMNJX"; lang=v=2&lang=en-us; bscookie="v=1&20210206150432b0a93e10-205e-49cb-8573-d6b56f385774AQF6ZKPFEAErBVyRqmQwqaHIPg-2SCqb"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-length: 867
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: JSESSIONID=ajax:3450894883296864129; SameSite=None; Path=/; Domain=.www.linkedin.com; Secure
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri https://www.linkedin.com/platform-telemetry/csp?f=nf
content-security-policy-report-only: default-src 'none'; connect-src 'self' www.linkedin.com www.google-analytics.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://linkedin.sc.omtrdc.net/b/ss/ static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; script-src 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src dms.licdn.com; child-src blob: *; frame-src 'self' lnkd.demdex.net linkedin.cdn.qualaroo.com; manifest-src 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=g
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1
x-li-proto: http/2
x-li-uuid: x8RJL94wYRYQ3gyFEysAAA==
x-msedge-ref: Ref A: 456CF6F6B8EB4C1584C916EE0E9AA535 Ref B: FRAEDGE0815 Ref C: 2021-02-06T15:04:32Z
date: Sat, 06 Feb 2021 15:04:32 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 13ms
13ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=201397790656822&ev=Microdata&dl=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&rl=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&if=false&ts=1612623872324&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Abusing%20Microsoft%20Office%20Online%20Video%22%2C%22meta%3Adescription%22%3A%22%20Cymulate%E2%80%99s%20research%20team%20has%20discovered%20a%20way%20to%20abuse%20the%20Online%20Video%20feature%20on%20Microsoft%20Word%20to%20execute%20malicious%20code.%20Attackers%20could%20use%20this%20for%20malicious%20purposes%20such%20as%20phishing%2C%20as%20the%20document%20will%20show%20the%20embedded%20online%20video%20with%20a%20link%20to%20YouTube%2C%20while%20in%20fact%20a%20html%2Fjavascript%20code%20is%20running%20in%20the%20background%20that%20potentially%20could%20lead%20to%20further%20code%20execution%20scenarios.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%20Cymulate%E2%80%99s%20research%20team%20has%20discovered%20a%20way%20to%20abuse%20the%20Online%20Video%20feature%20on%20Microsoft%20Word%20to%20execute%20malicious%20code.%20Attackers%20could%20use%20this%20for%20malicious%20purposes%20such%20as%20phishing%2C%20as%20the%20document%20will%20show%20the%20embedded%20online%20video%20with%20a%20link%20to%20YouTube%2C%20while%20in%20fact%20a%20html%2Fjavascript%20code%20is%20running%20in%20the%20background%20that%20potentially%20could%20lead%20to%20further%20code%20execution%20scenarios.%22%2C%22og%3Atitle%22%3A%22Abusing%20Microsoft%20Office%20Online%20Video%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fblog.cymulate.com%2Fhubfs%2FBlog%2520-25-1.png%23keepProtocol%22%2C%22og%3Aimage%3Awidth%22%3A%221920%22%2C%22og%3Aimage%3Aheight%22%3A%22629%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1612623871819.627312101&it=1612623871659&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 06 Feb 2021 15:04:32 GMT

GET
H2 200 loader-v2.js Show response
blog.cymulate.com/hs/cta/ctas/v2/public/cs/ 7 KB
3 KB 416ms
416ms Script
text/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs/cta/ctas/v2/public/cs/loader-v2.js?cos=1&__hsfp=2978788718&__hssc=145613419.1.1612623872720&__hstc=145613419.e865f67f72c2a58d7a903e7594374def.1612623872720.1612623872720.1612623872720.1&canon=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&hsutk=e865f67f72c2a58d7a903e7594374def&pageId=6389069793&contentType=blog-post&pg=24061485-015e-43ba-a3bb-877a1134ee08&pid=4347852&sv=cta-embed-js-static-1.13&utm_referrer=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&lag=1010&rdy=1&cos=1&df=a
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs/cta/cta/current.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a66cb6d986d38c53cea5680e12f847dfc6c13e5c6c912cbd648528c9fa8f03

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:33 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 61d5c3a49e797293-AMS
content-disposition: attachment; name="loaderJS" filename="loader-v2.js"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2541
cf-request-id: 0819789ada000072930c9a3000000001
server: cloudflare
x-trace: 2BBD7A8522591B4029DEE95D83B3902037B20A7797000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: noindex, follow

GET
H2 200 loader-v2.js Show response
blog.cymulate.com/hs/cta/ctas/v2/public/cs/ 6 KB
2 KB 172ms
172ms Script
text/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs/cta/ctas/v2/public/cs/loader-v2.js?cos=1&__hsfp=2978788718&__hssc=145613419.1.1612623872720&__hstc=145613419.e865f67f72c2a58d7a903e7594374def.1612623872720.1612623872720.1612623872720.1&canon=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&hsutk=e865f67f72c2a58d7a903e7594374def&pageId=6389069793&contentType=blog-post&pg=3f4582e4-c1d9-47f2-8f28-5b499731140a&pid=4347852&sv=cta-embed-js-static-1.13&utm_referrer=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&lag=1008&rdy=1&cos=1&df=a
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs/cta/cta/current.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db37681bdb6303a1aef0b7cdfc12539e4cd2148886a959205aaa03bc9332d79

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 61d5c3a49e7a7293-AMS
content-disposition: attachment; name="loaderJS" filename="loader-v2.js"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2190
cf-request-id: 0819789adb000072930b134000000001
server: cloudflare
x-trace: 2BB912C6D641340FEAC198CB60FE63B599355AAC7B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: noindex, follow

GET
H2 200 loader-v2.js Show response
blog.cymulate.com/hs/cta/ctas/v2/public/cs/ 7 KB
2 KB 181ms
181ms Script
text/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs/cta/ctas/v2/public/cs/loader-v2.js?cos=1&__hsfp=2978788718&__hssc=145613419.1.1612623872720&__hstc=145613419.e865f67f72c2a58d7a903e7594374def.1612623872720.1612623872720.1612623872720.1&canon=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&hsutk=e865f67f72c2a58d7a903e7594374def&pageId=6389069793&contentType=blog-post&pg=69c6963a-9616-43ac-ab7c-b47e23857b06&pid=4347852&sv=cta-embed-js-static-1.13&utm_referrer=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&lag=1007&rdy=1&cos=1&df=a
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs/cta/cta/current.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a769505250cb46fb801186d9d03466cdf9ec04bb7ef815fb1f47db6daa09bd

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 61d5c3a49e7b7293-AMS
content-disposition: attachment; name="loaderJS" filename="loader-v2.js"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2224
cf-request-id: 0819789adb0000729319bcb000000001
server: cloudflare
x-trace: 2BC8A2538FF36FDABAA96FE0D97896234D74D498A1000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: noindex, follow

GET
H2 200 oEeGKEsoqd995kKu6vS7RG
play.vidyard.com/ 0
2 KB 217ms
173ms Other
text/html 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/oEeGKEsoqd995kKu6vS7RG?disable_popouts=1&v=4.2.27&viral_sharing=0&embed_button=0&hide_playlist=1&color=FFFFFF&playlist_color=FFFFFF&play_button_color=2A2A2A&gdpr_enabled=1&type=inline&autoplay=0&loop=0&muted=0&hidden_controls=0&pomo=2&vydata%5Butk%5D=e865f67f72c2a58d7a903e7594374def&vydata%5Bportal_id%5D=4347852&vydata%5Bcontent_type%5D=blog-post&vydata%5Bcanonical_url%5D=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&vydata%5Bpage_id%5D=6389069793&vydata%5Bcontent_page_id%5D=6389069793&vydata%5Blegacy_page_id%5D=6389069793&vydata%5Bcontent_folder_id%5D=null&vydata%5Bcontent_group_id%5D=5759690221&vydata%5Bab_test_id%5D=null&vydata%5Blanguage_code%5D=null

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/vidyard-embed/static-1.38/js/v4.umd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Origin: https://blog.cymulate.com
Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: gzip
age: 0
x-cache: HIT
content-length: 1451
x-served-by: cache-hhn4080-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1612623873.779412,VS0,VE148
x-frame-options: ALLOWALL
etag: W/"dc1-pI7GQnAFI7qUov1U7tDLs/HFJm0"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 oEeGKEsoqd995kKu6vS7RG
play.vidyard.com/ Frame 7B60 0
0 210ms
210ms Document
text/html 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/vidyard-embed/static-1.38/js/v4.umd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: play.vidyard.com
:scheme: https
:path: /oEeGKEsoqd995kKu6vS7RG?disable_popouts=1&v=4.2.27&viral_sharing=0&embed_button=0&hide_playlist=1&color=FFFFFF&playlist_color=FFFFFF&play_button_color=2A2A2A&gdpr_enabled=1&type=inline&autoplay=0&loop=0&muted=0&hidden_controls=0&pomo=2&vydata%5Butk%5D=e865f67f72c2a58d7a903e7594374def&vydata%5Bportal_id%5D=4347852&vydata%5Bcontent_type%5D=blog-post&vydata%5Bcanonical_url%5D=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&vydata%5Bpage_id%5D=6389069793&vydata%5Bcontent_page_id%5D=6389069793&vydata%5Blegacy_page_id%5D=6389069793&vydata%5Bcontent_folder_id%5D=null&vydata%5Bcontent_group_id%5D=5759690221&vydata%5Bab_test_id%5D=null&vydata%5Blanguage_code%5D=null
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-frame-options: ALLOWALL
cache-control: no-store, no-cache, must-revalidate
etag: W/"dc1-pI7GQnAFI7qUov1U7tDLs/HFJm0"
x-china: 0
content-encoding: gzip
accept-ranges: bytes
date: Sat, 06 Feb 2021 15:04:32 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4078-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1612623873.741031,VS0,VE187
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 1451

GET
H2 200 style.js Show response
play.vidyard.com/v4/oEeGKEsoqd995kKu6vS7RG/ 176 B
235 B 24ms
24ms Script
text/javascript 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/oEeGKEsoqd995kKu6vS7RG/style.js?callback=window.VidyardV4.jsonp.style_oEeGKEsoqd995kKu6vS7RG.done

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/vidyard-embed/static-1.38/js/v4.umd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bc073752999c743f38e35d6fab2dd224379199e35d3db16479c0c6a18bedf27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1470423
x-cache: HIT
content-length: 136
via: 1.1 varnish
x-served-by: cache-hhn4078-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1612623873.741000,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b0-sj98vrts0oopiE6bXf9zv2bpQEY"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 integrations.js Show response
play.vidyard.com/v4/oEeGKEsoqd995kKu6vS7RG/ 176 B
357 B 23ms
23ms Script
text/javascript 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/oEeGKEsoqd995kKu6vS7RG/integrations.js?callback=window.VidyardV4.jsonp.integrations_oEeGKEsoqd995kKu6vS7RG.done

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/vidyard-embed/static-1.38/js/v4.umd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25f139fd9041c3ed29c67df657f5820090a39290be6140fb292863789f08f92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239920
x-cache: HIT
content-length: 132
via: 1.1 varnish
x-served-by: cache-hhn4078-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1612623873.740991,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b0-vkdAGg9R+W4CmLv3LCTJa4As8+g"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 details.js Show response
play.vidyard.com/v4/oEeGKEsoqd995kKu6vS7RG/ 152 B
215 B 23ms
23ms Script
text/javascript 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/oEeGKEsoqd995kKu6vS7RG/details.js?callback=window.VidyardV4.jsonp.details_oEeGKEsoqd995kKu6vS7RG.done

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/vidyard-embed/static-1.38/js/v4.umd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab26e769f61c1d6a31159ae4afe8955dd7cfb0495488ff1cd4e2f03b7869f396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1103923
x-cache: HIT
content-length: 115
via: 1.1 varnish
x-served-by: cache-hhn4078-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1612623873.741938,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"98-Tl/JaRWZaqGN2pyIqik8Rkh05uM"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
536 B 22ms
21ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4347852&pi=6389069793&ct=blog-post&ccu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&cpi=6389069793&cgi=5759690221&lpi=6389069793&lvi=6389069793&lvc=en&r=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&pu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&t=Abusing+Microsoft+Office+Online+Video&cts=1612623872731&vi=e865f67f72c2a58d7a903e7594374def&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61d5c3a4b9c74a8c-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0819789aee00004a8c7434d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VjywaCriQZGPUHlo%2B5yoWOHQjHmx9jFkF0P45w0C%2FJGEsWdBb96UwUI6sRh69KiuwXOYDZe0kIhdLhRbCxdhviGkJMr4Qoz3U5rz6CzO1mkfuVYDUEUSAVxogpKiKg%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
471 B 25ms
23ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=7ec5e130-82c7-4475-a51d-b0f2f70b341b&fci=454a734c-8ef3-4989-8d72-d6558c270454&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4347852&pi=6389069793&ct=blog-post&ccu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&cpi=6389069793&cgi=5759690221&lpi=6389069793&lvi=6389069793&lvc=en&r=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&pu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&t=Abusing+Microsoft+Office+Online+Video&cts=1612623872734&vi=e865f67f72c2a58d7a903e7594374def&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61d5c3a4b9c94a8c-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0819789aef00004a8cad30d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qB3ab5M0KspX%2F4DT8yrx2uI5bEnGwRzi90rryBK9HqiaxdB7rPF0fm6fgsibQ5NORbxSrIuQzS6LdDWCiDJ0w8y5XkA8f4%2FeAn4laSdKOq0EHf6GJ1zTR0MQ426nQQ%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
433 B 36ms
35ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=7ec5e130-82c7-4475-a51d-b0f2f70b341b&fci=454a734c-8ef3-4989-8d72-d6558c270454&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4347852&pi=6389069793&ct=blog-post&ccu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&cpi=6389069793&cgi=5759690221&lpi=6389069793&lvi=6389069793&lvc=en&r=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&pu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&t=Abusing+Microsoft+Office+Online+Video&cts=1612623872747&vi=e865f67f72c2a58d7a903e7594374def&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61d5c3a4b9ca4a8c-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0819789aef00004a8caa936000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WT5sjFaeR0MxfQePd8phbC2FezETFsNgDDZTHd0gWaMXevRLgJk5jly4EkrvDoZrMDGI8zDkvJ2fCdT9ylPzlTHg7ZELb%2FQaRebWLSCrlxcuWKn7EvoZ%2FHwyrFaJ%2BQ%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
335 B 33ms
32ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%223f4582e4-c1d9-47f2-8f28-5b499731140a%22%2C%22c10ba2d2-d07e-489c-bb93-d161c4509a75%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4347852&pi=6389069793&ct=blog-post&ccu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&cpi=6389069793&cgi=5759690221&lpi=6389069793&lvi=6389069793&lvc=en&r=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&pu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&t=Abusing+Microsoft+Office+Online+Video&cts=1612623872897&vi=e865f67f72c2a58d7a903e7594374def&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61d5c3a59bfe4a8c-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0819789b8300004a8cd28c8000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P%2BgEPvmMEEqTRBYsPYCGae1ExSU7dn8R2RTDiTQd9i5Pv8U8ZBTcBxeSlgtU7Il0YeIf4861dFb7PoWuVmXYMYmbVWF74y6%2Fk9gTOVKSeT7qzmxAvjukOqQ8tzOoTg%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
342 B 32ms
32ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2269c6963a-9616-43ac-ab7c-b47e23857b06%22%2C%22232b301b-11f7-4680-89b3-add4b7af33fe%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4347852&pi=6389069793&ct=blog-post&ccu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&cpi=6389069793&cgi=5759690221&lpi=6389069793&lvi=6389069793&lvc=en&r=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&pu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&t=Abusing+Microsoft+Office+Online+Video&cts=1612623872906&vi=e865f67f72c2a58d7a903e7594374def&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:32 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61d5c3a5ac314a8c-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0819789b8d00004a8cc7900000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yf%2FXy%2Flq1JglgvkZEizEeEd7vFfZrnCzl%2FmfZugUCuD9D%2FY57mIKhzDZoHIjc3QstPkiPfN%2B3xVnkF1yVDBp3ndVfcrtWJgqJ%2Flzf3YXcRCuokygzc5XxLb0KVQEKg%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 cta-loaded.js Show response
blog.cymulate.com/hs/cta/ctas/v2/public/cs/ 0
118 B 170ms
170ms Script
text/plain 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4347852&pg=3f4582e4-c1d9-47f2-8f28-5b499731140a&lt=1612623871714&dt=1612623872722&at=1612623872907&ae=1&sl=1&an=1
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs/cta/cta/current.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:33 GMT
cf-cache-status: MISS
server: cloudflare
x-trace: 2BC42229E84E4F82FAE4A46E6ABACB9C0AEA0D71FB000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: no-cache, no-store, no-transform, max-age=0
access-control-allow-credentials: false
cf-ray: 61d5c3a5befc7293-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789b95000072930e390000000001
x-robots-tag: noindex, follow

GET
H2 200 cta-loaded.js Show response
blog.cymulate.com/hs/cta/ctas/v2/public/cs/ 0
173 B 141ms
141ms Script
text/plain 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4347852&pg=69c6963a-9616-43ac-ab7c-b47e23857b06&lt=1612623871715&dt=1612623872722&at=1612623872916&ae=1&sl=1&an=1
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs/cta/cta/current.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:33 GMT
cf-cache-status: MISS
server: cloudflare
x-trace: 2BA270F90DDC6564D167BF92643FF9EF2E60AE02F1000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: no-cache, no-store, no-transform, max-age=0
access-control-allow-credentials: false
cf-ray: 61d5c3a5ceff7293-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789b9d000072930c184000000001
x-robots-tag: noindex, follow

GET
H2

200

70fe0b7a1dfa635997d921.jpg
cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/
Redirect Chain

https://play.vidyard.com/oEeGKEsoqd995kKu6vS7RG.jpg
https://cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/70fe0b7a1dfa635997d921.jpg

35 KB
35 KB

16ms
16ms

Image
image/jpeg

93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/70fe0b7a1dfa635997d921.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8A8E) /
Resource Hash: 0c255ee55786844ef620977da89a0824f32e4f28e606a7a4a6cd2b8f0d44e33f

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:33 GMT
age: 418189
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-request-id: 2Q9S8SFN1K6Y8G5M
x-amz-id-2: kSoweuoykAb0qK8T8zqI1u+NEguQRoihr2JhiUopdflUAwV0Lfh4Ggoe78SM6FLN7wtxYJtwVjE=
accept-ranges: bytes
last-modified: Thu, 25 Oct 2018 13:20:37 GMT
server: ECAcc (ama/8A8E)
etag: "1b668f2152d35096d673a73c91c07a30"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: image/jpeg
access-control-allow-origin: *
x-amz-version-id: 0yiEgfQDsHkG9XLZqXkwbeHRd2jBXm4Z
content-length: 35503

Redirect headers

date: Sat, 06 Feb 2021 15:04:32 GMT
via: 1.1 varnish
age: 1
x-cache: HIT
content-length: 106
x-served-by: cache-hhn4078-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8OBuged-8AIWByCv7Vbrdw/70fe0b7a1dfa635997d921.jpg
x-timer: S1612623873.995799,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 182 KB
37 KB 118ms
28ms Script
application/javascript 143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: t.co
URL: https://t.co/mq0rMBQDJ2?amp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d8a4cd6eedafa1528d568ad052d53cdc611f7fd8bd3a57662994b0fee6acabf

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 06:52:24 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 07:53:28 GMT
server: AmazonS3
age: 67569
etag: "9179493d23bb398ab61b3a522c056116"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 37637
x-amz-cf-id: 3KKadUinu870rV1DPDB1oXVTnzb4R8s6vV1HaQKFWCH84w_8H5-_5g==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
465 B 31ms
30ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2224061485-015e-43ba-a3bb-877a1134ee08%22%2C%2239853995-dcd9-4cc4-b5f4-67bb3d6365ca%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4347852&pi=6389069793&ct=blog-post&ccu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&cpi=6389069793&cgi=5759690221&lpi=6389069793&lvi=6389069793&lvc=en&r=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&pu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&t=Abusing+Microsoft+Office+Online+Video&cts=1612623873140&vi=e865f67f72c2a58d7a903e7594374def&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:33 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61d5c3a72ff84a8c-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0819789c7600004a8ccd14c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e7DbQwD%2BUW0GoUTOcOGQFFNKdQaMNMltds1vFCLJyg70NkvrqBkxYHJ8v4Xx%2BnXtKlT4yHSqLuHi9Tk5FMEJ5BAsyjvubukG0%2B92AQifvzVarIwhpagYqr0VDkiogg%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 cta-loaded.js Show response
blog.cymulate.com/hs/cta/ctas/v2/public/cs/ 0
118 B 389ms
388ms Script
text/plain 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4347852&pg=24061485-015e-43ba-a3bb-877a1134ee08&lt=1612623871711&dt=1612623872721&at=1612623873150&ae=1&sl=1&an=1
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/hs/cta/cta/current.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:33 GMT
cf-cache-status: MISS
server: cloudflare
x-trace: 2B60740EA8E8DC9EC77ECA27BE42647F6851180DED000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: no-cache, no-store, no-transform, max-age=0
access-control-allow-credentials: false
cf-ray: 61d5c3a73f617293-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0819789c870000729319bd6000000001
x-robots-tag: noindex, follow

GET
H2 200 2148 Show response
trackingapi.trendemon.com/api/settings/ 488 B
627 B 333ms
115ms Script
application/x-javascript 54.158.202.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/2148?callback=jsonp528691&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.202.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-202-0.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: f3aefaf498ef108cbfc38fced194ba7aeed01cdb8e9f8e108f4560f43e328371

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:33 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 488
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 fingerprint.min.js Show response
assets.trendemon.com/global/ 29 KB
11 KB 24ms
23ms Script
application/javascript 143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/global/fingerprint.min.js
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: / Express
Resource Hash: 55c933ffc7905ff89121dbc195178e54e99cd3b19a4c5b87895b91e6d5473651

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 12:03:28 GMT
content-encoding: gzip
age: 10865
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
trd-ts: 2021-02-06T12:03:28.465Z
last-modified: Mon, 01 Feb 2021 07:52:33 GMT
etag: W/"77f4-1775c9435e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: _TspUzHbU6W0G1Pj0dz3ai6Uoc1NktkbGvrzIFUJ9Vdr3tesAe81EA==

GET
H2 200 me Show response
trackingapi.trendemon.com/api/Identity/ 94 B
507 B 112ms
112ms Script
application/x-javascript 54.158.202.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/Identity/me?accountId=2148&DomainCookie=16126238736098970&fingerPrint=7dc5328a71f41489638f193f937d5dcc&callback=jsonp735415&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.202.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-202-0.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: cb316b60acf0f7229ec352f4f9d4e7a74583218f10addea76a1f689003e41ebd

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:33 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 94
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 personal Show response
trackingapi.trendemon.com/api/experience/ 15 B
114 B 122ms
122ms Script
application/x-javascript 54.158.202.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal?AccountId=2148&ClientUrl=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&MarketingAutomationCookie=undefined&ExcludeUnitsJson=%5B%5D&callback=jsonp525087&vid=2148:16126238736098970
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.202.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-202-0.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 41c798eb56a2baf583af9769ed9c8f5abb09f01f049d636e0d96b0cd221dfb3a

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:33 GMT
server: Kestrel
content-length: 15
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 pageview
trackingapi.trendemon.com/api/events/ 43 B
234 B 298ms
297ms Image
image/gif 54.158.202.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/pageview?accountId=2148&url=aHR0cHM6Ly9ibG9nLmN5bXVsYXRlLmNvbS9hYnVzaW5nLW1pY3Jvc29mdC1vZmZpY2Utb25saW5lLXZpZGVv&cookie=16126238736098970&referral=aHR0cHM6Ly90LmNvL21xMHJNQlFESjI%2FYW1wPTE%3D&vid=2148:16126238736098970&r=1612623873818
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.202.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-202-0.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 15:04:34 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 perf Show response
blog.cymulate.com/_hcms/ 2 B
188 B 162ms
161ms XHR
text/plain 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.cymulate.com/_hcms/perf
Requested by: Host: blog.cymulate.com
URL: https://blog.cymulate.com/abusing-microsoft-office-online-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 61d5c3b73dd17293-AMS
date: Sat, 06 Feb 2021 15:04:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B519F42A7BF455E025BFFE371CB9E6FFE17C96FFF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
x-robots-tag: none
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
cf-request-id: 081978a685000072930dad8000000001

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 23 KB
5 KB 202ms
186ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4347852&referrer=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&contentId=6389069793&currentUrl=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d185339286b9716e100143f4ac55dbc9c7898ace0cbb6382b96f6a5da4ed1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081978bf3e0000178623171000000001
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j%2FoWXQyv0UvpwtxKy0Del46XwlnjrHvTKTxCjybVpYwCQAf0CjQDIlckC2BLoaGRPM84ODLS%2FmEj7K%2BuusfKJW1FdJ2jz%2BVXA%2FUk1lYZQjknoQVJoRC0rPF8VyYP%2FA%3D%3D"}],"max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.cymulate.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 61d5c3decbf11786-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
497 B 24ms
24ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=808acbcf-c67c-4c2a-b721-b08514976b58&lfi=1015769&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4347852&pi=6389069793&ct=blog-post&ccu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&cpi=6389069793&cgi=5759690221&lpi=6389069793&lvi=6389069793&lvc=en&r=https%3A%2F%2Ft.co%2Fmq0rMBQDJ2%3Famp%3D1&pu=https%3A%2F%2Fblog.cymulate.com%2Fabusing-microsoft-office-online-video&t=Abusing+Microsoft+Office+Online+Video&cts=1612623882234&vi=e865f67f72c2a58d7a903e7594374def&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:04:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61d5c3dffe354a8c-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 081978bffd00004a8c6eb58000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=itoj8BZdIV%2BhAMjnn6gXx7Sf9O40Tty5rXDMpbKWf96023agXDS2x0SYpPdstbRvnCkyW%2BO%2FngtXXU4w%2FMz7hlqVU7zD7gGlOmGliO8%2FeExVgTWceK7wbnXjmup%2BpA%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 Tshirt%20Thumbnail-2.png
l.cymulate.com/hubfs/ 271 KB
273 KB 168ms
114ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.cymulate.com/hubfs/Tshirt%20Thumbnail-2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.30 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f5a9c7906073cad21441fbdc0b65291c35a91a28b9cdd0bc1042abd43e6dfe

Request headers

Referer: https://blog.cymulate.com/abusing-microsoft-office-online-video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 081978c41f00001feab8904000000001
x-amz-meta-cache-tag: F-41254565238,P-4347852,FLS-ALL
age: 186036
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41254565238,P-4347852,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Tshirt%20Thumbnail-2.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: DC3302050282DB0D
cf-bgj: imgq:85,h2pri
etag: "689d23777b424a74ac586e72ab4b9962"
vary: Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1612434493437
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Sat, 06 Feb 2021 15:04:43 GMT
via: 1.1 4b3bed207ec72204ebc89ae818e573ef.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: AMS54-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=385415
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 277612
x-amz-id-2: OHNwjA+BMpuT/3RnW5HLm7lzQ6bIw4/oyzGzm6YOUghr55Oe9n/lC7JRmOh9u6z/2EMNg4iJdFU=
last-modified: Thu, 04 Feb 2021 10:28:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: bKtqMZY2VwDQUsx6JSyepqqKLZ5Cep8W
accept-ranges: bytes
cf-ray: 61d5c3e69de11fea-AMS
x-amz-cf-id: uAtkk9QULcHosVEt8dFUxCdbGdJVmNe_pAbnyj_oq_Sabdt0033C0g==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=10868396&counter=bottom&xdOrigin=https%3A%2F%2Fblog.cymulate.com&xdChannel=2019a45a-5709-4964-b04a-552c26ceba78&xd_origin_host=https%3A%2F%2Fblog.cymulate.com

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.linkedin.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: ajax:3450894883296864129
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-19 15:58:30	Name: lidc Value: "b=OGST07:s=O:r=O:g=1925:u=1:i=1612623871:t=1612710271:v=1:sig=AQGXjj8cSryaJrZH4DUkYK3k_7kGMNJX"
blog.cymulate.com/	1970-01-19 15:57:03	Name: _hjIncludedInPageviewSample Value: 1
.cymulate.com/	1970-01-20 00:42:39	Name: _hjid Value: dd91e020-1ce9-4ef1-8450-d22039132d3b
.linkedin.com/	1970-01-20 09:28:57	Name: bcookie Value: "v=2&60f627b0-6ff9-45a4-867b-f854f54b2caa"
.cymulate.com/	1970-01-19 15:57:05	Name: _hjAbsoluteSessionInProgress Value: 0
.cymulate.com/	1970-01-19 18:06:39	Name: _fbp Value: fb.1.1612623871819.627312101
.linkedin.com/	1970-01-19 16:40:15	Name: UserMatchHistory Value: AQIDDM1b2YqJ3QAAAXd3338kZfhQFyZ3eBjanSsKLfr0oNrgrBONeElzbvvhkn2URXHikvz1cD4
.cymulate.com/	1970-01-19 15:57:05	Name: _hjFirstSeen Value: 1
.cymulate.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.cymulate.com/	1970-01-19 18:06:39	Name: _gcl_au Value: 1.1.1655269711.1612623872
.www.linkedin.com/	1970-01-20 09:28:57	Name: bscookie Value: "v=1&20210206150432b0a93e10-205e-49cb-8573-d6b56f385774AQF6ZKPFEAErBVyRqmQwqaHIPg-2SCqb"
.blog.cymulate.com/	1969-12-31 23:59:59	Name: __cfruid Value: 392c54a92d064b3c07c67c061c3c2c33db9321bf-1612623871
.blog.cymulate.com/	1970-01-19 16:40:15	Name: __cfduid Value: d441c626e927f8a33702139c3024e72691612623870

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hubspot.com
assets.trendemon.com
blog.cymulate.com
cdn.livechatinc.com
cdn.vidyard.com
cdn2.hubspot.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
l.cymulate.com
no-cache.hubspot.com
platform.linkedin.com
platform.twitter.com
play.vidyard.com
px.ads.linkedin.com
script.hotjar.com
secure.livechatinc.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
t.co
t.influ2.com
track.hubspot.com
trackingapi.trendemon.com
vars.hotjar.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.influ2.com
www.linkedin.com
www.linkedin.com
104.126.37.25
104.244.42.5
13.224.194.11
13.224.194.79
13.225.78.69
142.250.186.66
143.204.215.125
151.101.113.181
18.203.1.140
199.60.103.30
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:135e
2606:4700::6811:47b0
2606:4700::6811:71b0
2606:4700::6811:7d2
2606:4700::6811:d2cc
2606:4700::6811:e9cc
2606:4700::6811:f2cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:801::2008
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2013
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00::210:ba20
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
54.158.202.0
72.247.179.145
93.184.221.26
0c255ee55786844ef620977da89a0824f32e4f28e606a7a4a6cd2b8f0d44e33f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13a769505250cb46fb801186d9d03466cdf9ec04bb7ef815fb1f47db6daa09bd
15e1bbb8bbc9cbe4c847b189ad6785528821069d1e060a5eb2ee45310f04d83b
1734d4621abc92f690f833950140db49c8e4af7fc8b3b849a4677ca0b36ce8ab
1abacd83c2489f4007138d51612677a9ed38b2f7b08f626f2c9acf0566e6a184
1db14aeaa014c82f321c124ea0c9c6076d57fa5e280cd778dfa0bb83c2a7c2ea
1e6d7f9acccf48d98a70464c7e0053d7fe2a5ddfd9c29efe88d878b6dd7c6893
24b11144e4fa24a678ff1086916331aa413d191afe03c50ae63ebe08253f453b
25f139fd9041c3ed29c67df657f5820090a39290be6140fb292863789f08f92b
275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37
27f5a9c7906073cad21441fbdc0b65291c35a91a28b9cdd0bc1042abd43e6dfe
294ba1871aa2e4af1af8365cb7b0d8fa583ad958d7b4b5e7e324a949fc8b4749
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2c8f72f231f90815a3ac8bb2f2df915df57f7ddaca44ca5cc4d0dd361e50add0
2dc1c85eb3766b923eb1898f16d2f09541f2f94523929e58154ce17b0d71bded
3399b34b280df0bae72875db0c8920320cc6b8ce3e64413541fdcb7fd53a2a8f
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
3c99964f42621481efa8df4184670d19aebb72e96b8cffcff99f77c05d353491
41c798eb56a2baf583af9769ed9c8f5abb09f01f049d636e0d96b0cd221dfb3a
42ae69e4b46e4d54d697eb5bd33277fcdb888537d05d8f29bf5b654d32f87c24
472e8c0c00549be6e21cdd1aada60f6d623b5fe0711bcfe31382c41f1aa81e32
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55c933ffc7905ff89121dbc195178e54e99cd3b19a4c5b87895b91e6d5473651
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
586448340ecc1127dcd487d166b8db746ffb3d085d39b1134824cf3b72e7d71b
5ba89dba8839ab2bbaee4cf70a05c5b2fa173d20840e314df5a88b3161123c77
5db37681bdb6303a1aef0b7cdfc12539e4cd2148886a959205aaa03bc9332d79
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
616e352c6521d217a4a55a8121a61a3c4de45f54a395bf805c26700d7b981b15
658450265dca307ea621905710fd2d9cca1ba06c3abe16d46e4a882b24b9548d
69e8c8ba12080155fcbc4363da974556439841f23600b4d92aab07262a06cd65
6cd7852f01450b7b252b0cb6c20d46cc5c66fd38e389f9d5a6acfd56450a05a9
6d8a4cd6eedafa1528d568ad052d53cdc611f7fd8bd3a57662994b0fee6acabf
6facbd4f4309baacf2be6355eccebf06db24b7c83b3b2fe8ecdb54d84bd3ab3e
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a7d6a52225baae5c38ae3c75b025f025798ab05aed480fa2d4650fb94efc90e
8171e927158615ce07dfa965f8c89066755b1d1eaa06486bd7cae9a14608586e
83edf3ef706d5b6e0356cf4eb9cb2eb549b75629544b5c9a5839574e06f2dda1
864b8707cd72323dd2d64b94718d2f24344905c72bdd40d4464d215d21794187
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8f89d212a3195ce5ad940348fd58d62c5bed91bfc3846b498b04b0f849514efe
903b13132264cac0b9bd9550b7d3cda93a619f8f3a1f41a83a5743d31dde1f91
91ed6ce02b6c75337190849469779a4bd41848b76017521bf4544f268c011ad4
92deebbe766a1c87d652dbffd62afba6e1ad7e8feae7536bfd6d838ed5631f96
9d185339286b9716e100143f4ac55dbc9c7898ace0cbb6382b96f6a5da4ed1bc
9dc2bef932f50381f871a9a9a2c71cab2e652ec8e751c4fdaa63ee4599f17634
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a396b1b16cea7f65e7756049c43a4a0dfeed78710acf556059836665597410bb
a594ed19e2a1c508889da563841d1479c5bd43666f6336e26f06cb34f1601842
a6f31a335ef4afee665755556d8d50cfb3239d80601283c56af47c339f887a7d
a7c5f7ef6f56673187bea1ebd252b17428ff70e1344954bd577e44e38841b81d
a8c880dd0790e800303e6dc5f7b36bb80c43f77a48162ffb1e5c8f5b0c2af938
ab26e769f61c1d6a31159ae4afe8955dd7cfb0495488ff1cd4e2f03b7869f396
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2db3b4baa9412ef8a513e8a82a1a5997c90d30022ed883003fe7d446dd7b2be
b4957959e393bc48b462139b6821d1939e6306026a202aac73ef8d4725663925
b54f7147a709caad6b5fc1189f210290ddcc3d10e5702953b57cc6e36bcea99b
b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159
bbe23ba186c08e6fe4e8a81ef68d43634849a889d592e8803b81ec6280fb7430
bc073752999c743f38e35d6fab2dd224379199e35d3db16479c0c6a18bedf27c
bc488dfd42f9683e353e3afb4bf03ea9b135f42f55c69941cff0d6833a363afc
bdc3cbe04a215d7fc5e1d7bd79c9b1c7b343e7a95eacfdf47a53794ed0964878
c3f99c65ea3d6186991a21add80eeea6d79500fcb3c9d8263680e0de270e0753
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
c4eb51f22f568120cf9ab08fbeae1a5369ec10fd7dba0ceba07038b07a9a9975
c4f2cf347897564c6ff41e3fc763a35be2640c03958b9b13f00acb6e6502e78d
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cb316b60acf0f7229ec352f4f9d4e7a74583218f10addea76a1f689003e41ebd
d105d6ec90c9471c9df8b097df27225098d028461b4c062f29e9c12cb6dd1b75
d267998c3594ce7f02341a5a8ef2b2705627f2552960e332d73747022406a30b
d537c73a183af229ef7622aff821e6989b2af4aec2ec5c94b0feb880ccf9ff43
d5a66cb6d986d38c53cea5680e12f847dfc6c13e5c6c912cbd648528c9fa8f03
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d97e06fde636b7a37c49f4147f922c39aae4b3585e12dce9254a5010cf77c71f
da7d289d6002dc002eab964666c029798c4fe054f3bb7bda6b0438b90961cf45
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd09ac569606839a91da1ec3b96ffa4e75cf303ffd0ea8a733c4e1befb8c8e12
dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83
debf9be5fa27a943e18e84b697f530c0e0f98be467093e4d2b95fe4184394fe8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fba3c84cf907b348f7a052e5e6a3d42d75c9105a9e96bde91a64f52f7402b2
eb172aa971d8ce31afac5516fda40d5a4a5caa04d857beac7e2fe312a9ec8a33
edd15540e9703d4d9f9d76ebf010ca7ecea9c82f7fdcd7e3a7002f3c55d26c81
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a26767a06d5bff8d6e44bb43f9de930fa73eadb3a48bcd538c49ce2a03f814
f3aefaf498ef108cbfc38fced194ba7aeed01cdb8e9f8e108f4560f43e328371
f7d32c6bbb85a00b4b318379c9ae55e15525c1440e9d0df9e37d56c07a9d60db
f9a378521c3ae908ddec654b184e54d219162aed71e92dcbe802b46e082ed7cf
fb1701fe8f79a13f4285dfc5604333aa7a505ca42a16d846d6ba6ba2f474eaaf
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

blog.cymulate.com Open in urlscan Pro 199.60.103.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

99 %HTTPS

68 %IPv6

28 Domains

41 Subdomains

42 IPs

7 Countries

2824 kBTransfer

5236 kBSize

15 Cookies

65 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.cymulate.com Open in urlscan Pro
199.60.103.30 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

99 %
HTTPS

68 %
IPv6

28
Domains

41
Subdomains

42
IPs

7
Countries

2824 kB
Transfer

5236 kB
Size

15
Cookies

118 HTTP transactions
0 data transactions