urlscan.io logo urlscan.io
SecurityTrails logo

www.threatfabric.com Open in urlscan Pro
199.60.103.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc.html
Effective URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Submission: On April 13 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 20 domains to perform 64 HTTP transactions. The main IP is 199.60.103.2, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.threatfabric.com.
TLS certificate: Issued by GTS CA 1P5 on March 12th 2024. Valid for: 3 months.
This is the only time www.threatfabric.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 199.60.103.2 209242 (CLOUDFLAR...)
6 104.17.25.14 13335 (CLOUDFLAR...)
2 104.18.88.62 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.18.160.125 13335 (CLOUDFLAR...)
1 104.16.192.117 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
64 19
28    199.60.103.2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.threatfabric.com
6    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    104.18.88.62 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6811:ae5b (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    2606:4700::6810:8dd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
6    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
app.hubspot.com
js.hubspot.com
cta-service-cms2.hubspot.com
track.hubspot.com
static.hubspot.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2606:4700::6810:6efe (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700::6811:e4a3 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
4    2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.18.160.125 (None, )

ASN13335 (CLOUDFLARENET, US)
perf-na1.hsforms.com
1    104.16.192.117 (None, )

ASN13335 (CLOUDFLARENET, US)
threatfabric-6701575.hs-sites.com
2    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
28 threatfabric.com
www.threatfabric.com
430 KB
6 hubspot.com
app.hubspot.com — Cisco Umbrella Rank: 5604
js.hubspot.com — Cisco Umbrella Rank: 4232
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4182
track.hubspot.com — Cisco Umbrella Rank: 2418
static.hubspot.com — Cisco Umbrella Rank: 21036
29 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 239
65 KB
5 linkedin.com
platform.linkedin.com Failed
px.ads.linkedin.com — Cisco Umbrella Rank: 340
www.linkedin.com — Cisco Umbrella Rank: 609
px4.ads.linkedin.com — Cisco Umbrella Rank: 6380
3 KB
4 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2232
25 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 hsforms.com
perf-na1.hsforms.com — Cisco Umbrella Rank: 4554
1 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4586
forms.hscollectedforms.net — Cisco Umbrella Rank: 4713
26 KB
2 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 5635
6 KB
2 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 8599
4 KB
1 hs-sites.com
threatfabric-6701575.hs-sites.com
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
865 B
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3170
4 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2238
22 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2548
257 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 822
17 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2510
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
88 KB
0 twitter.com Failed
platform.twitter.com Failed
0 facebook.net Failed
connect.facebook.net Failed
64 20
Domain Requested by
28 www.threatfabric.com 1 redirects www.threatfabric.com
6 cdnjs.cloudflare.com www.threatfabric.com
4 js.hs-banner.com js.hs-scripts.com
js.hs-banner.com
3 px.ads.linkedin.com 3 redirects snap.licdn.com
2 fonts.gstatic.com fonts.googleapis.com
2 perf-na1.hsforms.com www.threatfabric.com
2 cta-service-cms2.hubspot.com 1 redirects js.hubspot.com
2 static.hsappstatic.net www.threatfabric.com
2 cdn2.hubspot.net www.threatfabric.com
1 static.hubspot.com 1 redirects
1 track.hubspot.com
1 threatfabric-6701575.hs-sites.com js.hubspot.com
1 fonts.googleapis.com js.hs-banner.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hsadspixel.net js.hs-scripts.com
1 js.hubspot.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 px4.ads.linkedin.com www.threatfabric.com
1 www.linkedin.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 app.hubspot.com www.threatfabric.com
1 snap.licdn.com www.threatfabric.com
1 js.hs-scripts.com www.threatfabric.com
1 www.googletagmanager.com www.threatfabric.com
0 platform.twitter.com Failed www.threatfabric.com
0 connect.facebook.net Failed www.threatfabric.com
0 platform.linkedin.com Failed www.threatfabric.com
64 28
Subject Issuer Validity Valid
www.threatfabric.com
GTS CA 1P5		 2024-03-12 -
2024-06-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2024-03-06 -
2024-12-31		 10 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
hsappstatic.net
E1		 2024-03-10 -
2024-06-08		 3 months crt.sh
hs-scripts.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh
hs-analytics.net
GTS CA 1P5		 2024-04-13 -
2024-07-12		 3 months crt.sh
hscollectedforms.net
E1		 2024-03-29 -
2024-06-27		 3 months crt.sh
hs-banner.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
hs-sites.com
Cloudflare Inc ECC CA-3		 2024-03-10 -
2024-12-31		 10 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Frame ID: 0B5412938E8C389F04AC5AF8BB13BB04
Requests: 62 HTTP requests in this frame

Frame: https://threatfabric-6701575.hs-sites.com/hs-web-interactive-6701575-139494617102
Frame ID: 9C40A2577F867C3D8CD06929862AF8C8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vultur, with a V for VNC

Page URL History Show full URLs

  1. https://www.threatfabric.com/blogs/vultur-v-for-vnc.html HTTP 301
    https://www.threatfabric.com/blogs/vultur-v-for-vnc Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

64
Requests

91 %
HTTPS

68 %
IPv6

20
Domains

28
Subdomains

19
IPs

3
Countries

763 kB
Transfer

2082 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.threatfabric.com/blogs/vultur-v-for-vnc.html HTTP 301
    https://www.threatfabric.com/blogs/vultur-v-for-vnc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3969834%26time%3D1712984118653%26li_adsId%3D51548eae-57ac-4a9e-83de-287cf2d43187%26url%3Dhttps%253A%252F%252Fwww.threatfabric.com%252Fblogs%252Fvultur-v-for-vnc%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&cookiesTest=true&liSync=true&e_ipv6=AQIk9ttLHV8CLQAAAY7Vz1iK-5DH7DcsjtyS0tJTZqaWXLt72FsdzHG0PLUNGDhiE8GKMHo
Request Chain 61
  • https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=266333855879&containerType=SLIDE_IN&portalId=6701575&audienceId=null&campaignId=7436f6e2-b46a-4ea1-9c6e-4aa7d59b7348&isLoaded=true&pageUrl=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&pageTitle=Vultur%2C+with+a+V+for+VNC&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.107+Safari%2F537.36&hutk=413b0906b53d6e70acbf753afd155459&hssc=167810878.1.1712984122769&hstc=167810878.413b0906b53d6e70acbf753afd155459.1712984122769.1712984122769.1712984122769.1&pageId=104202776721&analyticsPageId=104202776721&hsfp=2478958663&canonicalUrl=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&contentType=blog-post HTTP 307
  • https://static.hubspot.com/img/trackers/blank001.gif HTTP 301
  • https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request vultur-v-for-vnc
www.threatfabric.com/blogs/
Redirect Chain
  • https://www.threatfabric.com/blogs/vultur-v-for-vnc.html
  • https://www.threatfabric.com/blogs/vultur-v-for-vnc
73 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
62837a59bd4f970b87ab8e17e13820d4a84f031e02fe441e158435536d272c2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' static.hsappstatic.net; script-src 'self' 'unsafe-inline' *.hubspot.com cdnjs.cloudflare.com *.hubspot.net *.hs-scripts.com *.hubspotfeedback.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ maps.googleapis.com static.hsappstatic.net *.hs-banner.com *.hs-analytics.net *.hsadspixel.net js.hscta.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.com *.hsforms.net feedback.hubapi.com *.usemessages.com snap.licdn.com *.doubleclick.net; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.hubspot.net static.hsappstatic.net fonts.googleapis.com; img-src 'self' data: *.hubspot.com *.hubspot.net static.hsappstatic.net *.hsforms.com *.hsforms.net js.hscta.net *.linkedin.com www.google.com maps.gstatic.com maps.googleapis.com; font-src 'self' cdnjs.cloudflare.com *.hs-banner.com fonts.gstatic.com; connect-src 'self' *.hubspot.com *.hubapi.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com js.hscta.net *.google-analytics.com www.google.com maps.googleapis.com *.doubleclick.net; child-src 'self' *.hsforms.com; frame-src 'self' *.hubspot.com *.hubspot.net *.hs-sites.com *.hsforms.com *.hsforms.net play.hubspotvideo.com www.google.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=7200,max-age=5
cache-tag
CT-103188325253,CT-103904753074,CT-104202776721,CT-104928448929,CG-101307487134,CG-6701575,P-6701575,CW-100565704804,CW-100566503743,CW-101038360946,CW-101039839309,CW-102233451816,CW-102407694414,E-100565705870,E-100565738928,E-100565880677,E-100565906251,E-100565938482,E-100565944445,E-100566507657,E-101038360928,E-101040014386,E-101040140217,E-101294760764,E-101294760784,E-101312928029,MENU-101041626940,MENU-110583778143,PGS-ALL,SW-2,B-101307487134,GC-101041468817,GC-101042470934,GC-101758895261,GC-101962663308,TS-101040118157
cf-cache-status
HIT
cf-ray
8738dcec1b3f451c-TXL
content-encoding
br
content-security-policy
default-src 'self' static.hsappstatic.net; script-src 'self' 'unsafe-inline' *.hubspot.com cdnjs.cloudflare.com *.hubspot.net *.hs-scripts.com *.hubspotfeedback.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ maps.googleapis.com static.hsappstatic.net *.hs-banner.com *.hs-analytics.net *.hsadspixel.net js.hscta.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.com *.hsforms.net feedback.hubapi.com *.usemessages.com snap.licdn.com *.doubleclick.net; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.hubspot.net static.hsappstatic.net fonts.googleapis.com; img-src 'self' data: *.hubspot.com *.hubspot.net static.hsappstatic.net *.hsforms.com *.hsforms.net js.hscta.net *.linkedin.com www.google.com maps.gstatic.com maps.googleapis.com; font-src 'self' cdnjs.cloudflare.com *.hs-banner.com fonts.gstatic.com; connect-src 'self' *.hubspot.com *.hubapi.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com js.hscta.net *.google-analytics.com www.google.com maps.googleapis.com *.doubleclick.net; child-src 'self' *.hsforms.com; frame-src 'self' *.hubspot.com *.hubspot.net *.hs-sites.com *.hsforms.com *.hsforms.net play.hubspotvideo.com www.google.com; frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Sat, 13 Apr 2024 04:55:18 GMT
edge-cache-tag
CT-103188325253,CT-103904753074,CT-104202776721,CT-104928448929,CG-101307487134,CG-6701575,P-6701575,CW-100565704804,CW-100566503743,CW-101038360946,CW-101039839309,CW-102233451816,CW-102407694414,E-100565705870,E-100565738928,E-100565880677,E-100565906251,E-100565938482,E-100565944445,E-100566507657,E-101038360928,E-101040014386,E-101040140217,E-101294760764,E-101294760784,E-101312928029,MENU-101041626940,MENU-110583778143,PGS-ALL,SW-2,B-101307487134,GC-101041468817,GC-101042470934,GC-101758895261,GC-101962663308,TS-101040118157
last-modified
Sat, 13 Apr 2024 03:38:42 GMT
link
</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFGNqAnnqXnkRDc1zFmF3G9wq%2F3o2oSdLoKhyE3Myb%2Bl%2FItJxBEwG2RL%2Fic5YLhqJ41A9JYa0pqCTHp2UiusHDF5qt9H1056Ub1fRn49CopS86HKus9lKCA%2Bfwyq9rk9D%2BPMky1U"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
475
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/cms-20-29-td/envoy-proxy-66947f8f6c-l4n74
x-evy-trace-virtual-host
all
x-hs-cache-config
BrowserCache-5s-EdgeCache-7200s
x-hs-content-id
104202776721
x-hs-hub-id
6701575
x-hubspot-correlation-id
f999865d-7c04-4940-8c7e-5c8b214f0264
x-request-id
f999865d-7c04-4940-8c7e-5c8b214f0264

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=120
cf-ray
8738dce2eb3e451c-TXL
content-length
0
content-security-policy
upgrade-insecure-requests
date
Sat, 13 Apr 2024 04:55:17 GMT
location
https://www.threatfabric.com/blogs/vultur-v-for-vnc
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VS%2FDGFyaOK1TDYHbje1ExOG3YRHeTJD6cmFdmqEPoRxsM8UzKwD0RPllXQeLdhOM85OKFVDcgFjD4q8fYutipeoMrZuQPqIvXAjkFkxgIAyrMNsoRHVAuZR4pSAI85eSLYPEVuST"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-hs-mapping-id
119345756784
x-hs-mapping-only-after-not-found
no
x-hs-prerendered
Tue, 09 Apr 2024 22:19:02 GMT
x-hs-route-prefix
http://www.threatfabric.com/blogs/vultur-v-for-vnc.html
project.js
www.threatfabric.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
12112008
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vi3xlHgAm3VkYQAcNJevB8G6DpluEbs8%2F3eAS9wBK3bL8IR7FKbjzwQqUGVNz7aQI4QeelVs6tToNhykZ83k%2BrGH9LyPCvvTR1StPPTlt8Uvm1LeznH%2FJKraYnX7H%2F91%2BRSemojq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8738dcf2cf25451c-TXL
x-amz-cf-id
vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires
Sun, 13 Apr 2025 04:55:18 GMT
100.woff2
www.threatfabric.com/_hcms/googlefonts/Kanit/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/_hcms/googlefonts/Kanit/100.woff2
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7fe4fd0aef1b94a3910f43b99060d1fcf2b12302726c4f52146ca1f613e516
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
Origin
https://www.threatfabric.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

expires
Sat, 27 Apr 2024 04:55:18 GMT
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 1c3fd360f9180df951de65a1652b5b5a.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
CDG53-C1
x-amz-request-id
QCJQ7H46J9GN80RQ
x-amz-server-side-encryption
AES256
x-amz-version-id
Ex_PSmZfVx9KiCmfDr58lb1Qor1iW7rw
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
content-length
25596
x-amz-id-2
EiiBt/OXu5Kmxjzlx4llz1806IwEagpQ3gkFDMOSPA4mztnMHa/SBxlmXTq0Rgu33YslA/B/HgE=
last-modified
Tue, 12 Sep 2023 20:06:52 GMT
server
cloudflare
etag
"bd6ef5dfe3fb409deb99fd2dfa07649a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAkNXYkHZug9ttP%2BnfdiHeK%2FnjH2ex4G1MmNHSX6F2kS7bxXnZfN2zPXX3g3wFxC5ORF%2FMPI%2Feswdsjvt4CFlaNaQzqhFlrvw2QeZaQ02UMJPlRh9QQ13yY7vUQMyE%2B9fKioZamx"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
8738dcf2cf2a451c-TXL
x-amz-cf-id
rWML3RFsuG5TRnNFO4ULXrgHWLm4S00QOlZ2TGqQeTU3Bo3g9Q_TyQ==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
regular.woff2
www.threatfabric.com/_hcms/googlefonts/Kanit/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/_hcms/googlefonts/Kanit/regular.woff2
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b023c3b26ca69356ad0aa6b6296d5e6a337ec10ca1f8275483437202a03c381c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
Origin
https://www.threatfabric.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

expires
Sat, 27 Apr 2024 04:55:19 GMT
date
Sat, 13 Apr 2024 04:55:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 7d775f7e444ed74169f0db8decde7d20.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MUC50-P5
x-amz-request-id
Z8RKKD4K0JZ2YB05
x-amz-server-side-encryption
AES256
x-amz-version-id
R8IBymNhr0oWzfN7i1miwZxu391_6F8B
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
content-length
26352
x-amz-id-2
wCvUy/dk/A50l3UuIzTKAop2zJmc5MeUDT9ztehSvN8sWhRtomEj84Jvmjk3tyN8OFkg1hmI+lY=
last-modified
Tue, 12 Sep 2023 20:06:55 GMT
server
cloudflare
etag
"d4d741d6401097b23f04835fd935ddb4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NxfvmgerLxVmtEZlejMfBQHb2HM3TmCjV9Pk3Meg4Bq4ZzHEQzp%2F94aAKbzEx4Np0%2BqUXti%2BzF8zJX7UW5Kpt863SAUxv62sW1uPH8evamjqsRxsZmQfk%2FEPC6fuebZ9xjewAymy"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
8738dcf2df2e451c-TXL
x-amz-cf-id
2hHVHCDVl5CfPJx_w3r_XaodLRfL08whubho1Iu5YBhTGoBECd0mUQ==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
200.woff2
www.threatfabric.com/_hcms/googlefonts/Kanit/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/_hcms/googlefonts/Kanit/200.woff2
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adb227efa2074c6ae2b5e686cf4d1949a6edfc05bd56fa81e34c9a2c69fb50a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
Origin
https://www.threatfabric.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

expires
Sat, 27 Apr 2024 04:55:19 GMT
date
Sat, 13 Apr 2024 04:55:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 f1e707a645d1b585e3b6fc5ef39d2e56.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
WAW51-P1
x-amz-request-id
W04H2EDHNM9SK46X
x-amz-server-side-encryption
AES256
x-amz-version-id
.Y4_sica4_7w7dZrWB8zUo33LkbHGzIv
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
content-length
26228
x-amz-id-2
VIiAsxT9Ti2OUn/FWeCTGiTBQ3WR6rwyzNam/2VXjMwdMlB/8F58DjLHq4TsVskN2SOm08XQBjw=
last-modified
Tue, 12 Sep 2023 20:07:00 GMT
server
cloudflare
etag
"a3acdea9b09d1ffdf16868a322d89c6c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6U62%2FCA9bMpUBJ%2BToqgFKhmTEtB8n%2BUhBXWdmdnSsi%2BDqBnpPIMpq450hx9%2BddgMoJ5%2FCLAo92CBh%2FFaEcAmgHdbRTQUH5ctpHZkqnvmOg%2BT8H9HO%2FNfNCHStGK1PTK0X8Wn8XV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
8738dcf2df32451c-TXL
x-amz-cf-id
jxuNSu-BPdTfU3jbiTLnk24RmbooqRDUAuWmyLmet_Ak4yhl7iVg8Q==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
main.min.css
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/100565938482/1712566991562/Threatfabric_Hatch/css/ 		474 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/100565938482/1712566991562/Threatfabric_Hatch/css/main.min.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c564955dad803a6139bc52a7d05b9fcceeec494e5aced6e9db08d20d8ff076ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
F8GFMR082JRH9WRE
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"859ddc6bb854f252af8367f7f2788fef"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1712566993905
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 281687fdef6568ba75a1a090e3b48e2a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
uV201nZDhB1C0jUSHWbSv3F_kObyKinu
x-amz-cf-pop
IAD61-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
d8e357cc-a44a-4359-8219-2bf54cb2957c
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
198
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tUirR0gEqgSY1kldtqlD93mPdRWcpKr6YJPCDA4YGwyhzsHDXB8rrDS2GVYoiUED4XJAoNB/xGbPT04Or+meqhna0q6nJIfCX6ul7wGWhL4=
x-evy-trace-route-configuration
listener_https/all
x-request-id
d8e357cc-a44a-4359-8219-2bf54cb2957c
last-modified
Mon, 08 Apr 2024 09:03:14 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ndjM%2B3fpEWowDi5L5OjwanZxaop8cs%2FMt7Tzpsak888%2Bsj3qFPCOh%2FzG3U2Yq%2BWI4rXKq%2FtsoFvyxvLmLXvFNZryr7qdudb2e5CbNTeKJaJ7BVau5q4tQIGQFTobDBdqRCmoGUd%2F"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-666dffc5d9-787tz
access-control-allow-credentials
false
cf-ray
8738dcf2df33451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
-0bzkWZi6IZHPHOEzhtbH4cSyvHEgXVosWNfMfNbMUPV-v3nKUoN_w==
child.min.css
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101040140217/1690200714709/Threatfabric_Hatch/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101040140217/1690200714709/Threatfabric_Hatch/child.min.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4554c59ffaf9a86e08194f2af04f58a31cc3eff5fc829869cfcaf1b90e7fda5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
Y5N1XP4R43BM67Q3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"375e2d364559758f00f4672f2337f027"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1690200715438
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 6b7e1e42d74fd61097787cc6c1a37c34.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
YHUGG0qRBVQlbkubNRJeOinKfbxX5XfR
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
dd5488cb-9508-4ac8-a97e-64ddd1db7b26
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
240
alt-svc
h3=":443"; ma=86400
x-amz-id-2
AbH3e+EQm8UGqpTt2O/TSMiLtSe5OVoQfHGZI0o0pVH4dU8Gc6tqLpTwebeWbK7ZOWJ8OzaVYMg=
x-evy-trace-route-configuration
listener_https/all
x-request-id
dd5488cb-9508-4ac8-a97e-64ddd1db7b26
last-modified
Mon, 24 Jul 2023 12:11:56 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2e3Ry%2FSmxx2V2yzzUfCiNPxnEnDEZSwwyyd5hTF9FuXNRsgWEjZtZg9PSKBIsO2SoW0dLV%2B%2BOk9NoEsy6JC8D2HZAT5p3w07pBzdINar4iIAfl0yj%2FMIMwIhyIpQc%2BeAvuYTtdZ6"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-649c5bbc6c-zjtxl
access-control-allow-credentials
false
cf-ray
8738dcf2df35451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
H9fnggg8nvi9OHVAzHlVL-mMLSWVypvYn9EBATTtcHjSH65087ThtQ==
icons.css
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101294760764/1688634016207/Threatfabric_Hatch/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101294760764/1688634016207/Threatfabric_Hatch/css/icons.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b754a50214c3af13ad5b80267b36a52a379030f4cdf28ea62bdc23121fb63963
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
5584RSC073WNCSFH
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"f485b62b545a7fcece25c8883be79caa"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1688634016207
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
5nj8DyG_fzY9UD_XVa9rI2VVLKA_WOmB
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
37821bc1-54d0-4cdf-b7a8-c560e033b3c3
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
149
alt-svc
h3=":443"; ma=86400
x-amz-id-2
HbmxQuhMc4rtXoZ3S6IhLHVi7I/lYikfOE8pTumlLaJD8c3PZysQ7VTkzS6emFzwcFsHJhrXPe5YSktAm6aZgGuccY3xo5m2
x-evy-trace-route-configuration
listener_https/all
x-request-id
37821bc1-54d0-4cdf-b7a8-c560e033b3c3
last-modified
Thu, 06 Jul 2023 09:00:17 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKYGOkH1OSwrdOIO8NiFO8A0xAmPxbV%2B9kaluMAlqfCinnGctjGn5hsLwfEMfyhlbruFuOm8kjI4MaTs98RBsTN2dcQFgB8ATnJlOX8jRXG%2BzxWEC5u2R%2BZKszH6JtKQz2gKRCyK"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-5c8495489f-fmgh5
access-control-allow-credentials
false
cf-ray
8738dcf2df38451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
DcxWupYD7fVGHznxhOvugBt7vIU5vFHwb8Jyob03ezHapSQw_GaaPw==
nucleo.min.css
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101294760784/1688634017698/Threatfabric_Hatch/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101294760784/1688634017698/Threatfabric_Hatch/css/nucleo.min.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c17452683150ad0f623fdd9a849ba85d73fb9d221cebe9aa11db52969dbe23
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
6SN1CYWR6DEYTBBN
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"49397c87250109646a57314c716d8517"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1688634018325
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b4f7307b0bd82e33fcc14ab1b84bcd7c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
izNRL5rIQmPgjsTIc9ETzUXSIAYDVuDR
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
e2310a41-cb8e-4987-a5d0-1ae18dfea9f9
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
232
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rdoIqToodeUcTRW3omyLpg3jLN/E4EWVJnerdIwS7JL8RGnKdfRniGqxk8nIuDCYKCDJrX4KjQY=
x-evy-trace-route-configuration
listener_https/all
x-request-id
e2310a41-cb8e-4987-a5d0-1ae18dfea9f9
last-modified
Thu, 06 Jul 2023 09:00:19 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trG2a1YO6bX47In92EBLSXs1PB62OzPTc6TyaD2gVfp351tWaPBQnpFWlE6QI%2FujyeIC82wTZDvi3xP6M5XiKcB6lGQ9pmT4ODSoH8gebWGgcTTdlUS0g7v0vUeamSY1Q%2B4%2BF4az"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-b6rgr
access-control-allow-credentials
false
cf-ray
8738dcf2df3a451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
A5wNf1K5KkS8Ef-MeigXzd_WEr-DUPtLNN9lOfFK8jQGBYVhOoAsMg==
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
119527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10491
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WuSrA%2BCHprrnDl8Skx0dkj3gakhYcUjGXgXCkSvCbFKnBDR%2BZzwcc4RL1rpWgT2vsM6GJuc0jGn7QHMLUM4T2CY53MAhMmoGl30bh%2Biu8tw%2FcLUhyAWcPlZYcK9KHvgdi80qOLvM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8738dcf31cda9bf2-FRA
expires
Thu, 03 Apr 2025 04:55:18 GMT
module_101038360946_Header.min.css
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/module_assets/101038360946/1688634802882/ 		365 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/module_assets/101038360946/1688634802882/module_101038360946_Header.min.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5172f440714da51e243a13e0f93911405618326b2013313b682caa428c47e6ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
YKXBK2Z1SK2EADJR
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"9256add48c317a196c6723f7f46739fd"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1688634802882
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 88b63cb2f8aab28c7291262ffc15282e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
gVyaXIU3JxB7cR9Hx9mqhXufUagRPpyd
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
609cb73a-1075-47e4-b70e-c863b6ba1ebb
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
212
alt-svc
h3=":443"; ma=86400
x-amz-id-2
66zyvUol2fT4ZRc+V31etDhl4Xw9gTWnelJvSTiKylvXRJHRMm+k4ZHa4+gxRLeVXCaiMvkS52g=
x-evy-trace-route-configuration
listener_https/all
x-request-id
609cb73a-1075-47e4-b70e-c863b6ba1ebb
last-modified
Thu, 06 Jul 2023 09:13:23 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPVo6%2BhoEfJb6Zqc41dz8TY%2FLkXSUg7Xfp8JC4Y7UAcdmkJDe2RUa9JIh3LVo3d%2F0oN88KE6TX6guLiNsUPdRIH6dZHK%2Fgny8IQ8p0PurEMEFvSEEoe0SSX6r6MTfgbuJCanTOpz"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-5c8495489f-wvfbh
access-control-allow-credentials
false
cf-ray
8738dcf2df3c451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
hu-3pF4Ais7Dmx9nmUiySraFx66W95u1E1I3qifd3k2cMEhUQJ2HzQ==
module_-2712622_Site_Search_Input.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1712968600285/ 		612 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1712968600285/module_-2712622_Site_Search_Input.min.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401925a1114f7003121630392768d35516be54a4028f01024528aeae99a45a56

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-encoding
br
age
15009
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"c708989561e0cdbfcf996d1b7f47482c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1712968600285
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
edb29f01-2aa9-49ff-b2ed-5271c27403b0
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
149
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
edb29f01-2aa9-49ff-b2ed-5271c27403b0
last-modified
Sat, 13 Apr 2024 00:36:41 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2OKKQk13j5HabgsqO%2BYS6JreEt2nr1v%2B1UTcVQKbofGjuzp8Zj8eDC7D9I6e90GaijSUES9iJBj6l0AjvprCFO%2FCTx03DhRJx81eEcsrWKGVcH06RfClHtb1Q1aXCasgWl8%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-jtb4w
cf-ray
8738dcf32cd74480-TXL
module_102233451816_Blog_Post_01_-_Banner.min.css
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/module_assets/102233451816/1694502536285/ 		208 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/module_assets/102233451816/1694502536285/module_102233451816_Blog_Post_01_-_Banner.min.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6685b4f71edb4ae81b8a710e36f8c794c3e731feeb17614e476daf056b06a824
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
44DVT2VS7SF98SW1
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"835a1aea3731b5d0aa01d0cad90f4c2f"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1694502536285
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
ssRnpRBke62diMBB.QBnNR1bBVg.nduX
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
d78bdc01-0198-466d-b915-80c904c9e76d
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
171
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5AUUCs9eN4ag4YZaukenj425y6S0aegzeKCXyeaoP3BgMClmwn9r9sjXZ89GRLZVUQgy8FhriQo=
x-evy-trace-route-configuration
listener_https/all
x-request-id
d78bdc01-0198-466d-b915-80c904c9e76d
last-modified
Tue, 12 Sep 2023 07:08:57 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mea7avsk7WJa%2BgGYmMXhAB2%2Bl6B5g8REXC%2FyQCnFHFblmJ%2FzM6p9Xzg1wd2HRnXQla9i6Uuf94wcxJ9xZvaakBZAYsL5O1YRcn4KvtW7F5lGGQFkM8jUr%2B%2Bm7rSRl4rbeq5m9ClZ"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-5c8495489f-tlb9j
access-control-allow-credentials
false
cf-ray
8738dcf2df41451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
6-UZWiaaR6RBLz8-6pIYdSZw6GMhlYTR1zvZCD2nzK-ri-IrjL8LCw==
module_102407694414_Blog_Post_01_-_CTA.css
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/module_assets/1688634804987/ 		749 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/module_assets/1688634804987/module_102407694414_Blog_Post_01_-_CTA.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a924c55af6e42515871fdd850703bea91aedd280d30febc3ddc9f674df234785
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
0AECSAZJGZA4V4AV
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"e2815258c7a6f2ee41cbfe804e58e066"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1688634804987
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 7dc4818c830423900ae855831181d2b8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
K1nt1Fuq.UumOXfREd8pVf7ARGCOFlEV
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
12b05518-cff2-4da7-89ec-a3b79188fdd2
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
229
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SM5BVbKYTGv0BwzfhsnU1y00wWPhwcn/7tH83bUK26OyyqzuZ+FD2tyqDeNq+DhPOobglb4wIuTMHiSPUFNNWdYu2+RY+/WK
x-evy-trace-route-configuration
listener_https/all
x-request-id
12b05518-cff2-4da7-89ec-a3b79188fdd2
last-modified
Thu, 06 Jul 2023 09:13:25 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTwNUoswPYvgVPTMXJlrt%2BZ%2FiQbA6lvSCUtkqde4ls3xdvy1BtUkZMaCKhuHudksAvgQfEJ9lZCskdA04leYSkpcRjHkZfPxIvW0g31aI8Hwp2yPEBlUvMdtYCLSLpi5ScrHWfx7"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-5c8495489f-tlb9j
access-control-allow-credentials
false
cf-ray
8738dcf2df43451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
UHR4RYD8BBF81A733k8MX4S7bcyEl82U-aRiJ-kyDNj2T-H5_pwXjA==
prism.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/prism.min.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
928e23e6b9fcef82c5f1d1f05b6f7fc5a6e187c60195e59fbf16fc9d071ee057
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
886222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
563
last-modified
Thu, 31 Dec 2020 20:37:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a6-6fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLJZYAIZ7V9sPw11SK5KosOJbdf8TKdzBfS%2FFzCnoGTsvBpbhXz%2F132Mr1RBTuIFT3Yu0oD95DLIypD2gIUD6Uj5xAWT%2BzCgfOKC4FkKT%2B5FymmqgZPMmn5w6OX8FiC%2Bp%2Fvr7OO0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8738dcf31cdb9bf2-FRA
expires
Thu, 03 Apr 2025 04:55:18 GMT
module_101039839309_Footer.min.css
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/module_assets/101039839309/1688634802817/ 		542 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/module_assets/101039839309/1688634802817/module_101039839309_Footer.min.css
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d65652e4a1175891a46374d16ec569329b2e667eedb5770ce7ce193fd8fd41a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
J8G23DV8BAXRWYHB
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"ed0772c6a57504bedc0b6dd9703ab3f1"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1688634802817
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ed8e6c4476f2632eef2c7ce856161af0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
aEtuO57JBQ7Fe7bp8NQY6TbBJpxyVa2Z
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
62024443-3c72-41c9-bf0e-045e9c0c37e3
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
163
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5rM+MBKVM8I/7AMc2EFSHqci3wjrLsnmV5b9OULsbHPNnyb5mkpq0xO4kEnjWiPVFA9x8Fu2UXU=
x-evy-trace-route-configuration
listener_https/all
x-request-id
62024443-3c72-41c9-bf0e-045e9c0c37e3
last-modified
Thu, 06 Jul 2023 09:13:23 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNEFPu%2FXxSGAQZVjN62OtUUngMk4bkU3q0c4e66inIHqTEzcKqZ1WqQv1mwj44t%2F4K9P7opbVwzgTXfvJ%2FKl9xrmAeS8eSwF3SkbZTb8DvY2ok7SmeQNE3pvBsvztymx%2FeLN9%2FRM"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-649c5bbc6c-ffcvb
access-control-allow-credentials
false
cf-ray
8738dcf2df45451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
JSUybhE5ow-1J1LWQY-Jq41qHnTdLXaozvvjZz2DqlWsoGIPEggtNA==
js
www.googletagmanager.com/gtag/ 		252 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SZHLN4DST6
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1963c1ca8e348356f2dd5442d4a96fb1aacf9d7366eabb24d122f38753cab4cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90165
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Apr 2024 04:55:18 GMT
threatfabric-logo-light.svg
www.threatfabric.com/hubfs/Threatfabric/logos/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.threatfabric.com/hubfs/Threatfabric/logos/threatfabric-logo-light.svg
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e082d568fb44df37fa453a514a8e553c889abe144c5c73866c1f020e4ccfbc49
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-101040308776,FD-101040367016,P-6701575,FLS-ALL
age
160030
x-amz-request-id
190XPYM4P64XER60
x-amz-server-side-encryption
AES256
edge-cache-tag
F-101040308776,FD-101040367016,P-6701575,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"8b008611e237cad1162ac34fa0566106"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1675415283131
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
YCo1pSCjPp8.6ZHhoecaW6WpJqmNwWPZ
x-amz-cf-pop
VIE50-P1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-101040308776,FD-101040367016,P-6701575,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
TO132Ks/FTi9b96Zr60XdX/ZodJOT1MwEzCnpzBPhYeHjUD982nlSBB5wtaTG4Jv3wltMISG2IP3x1gaS2F+B0g82gVhSv+jtXJqCAsZL8Q=
last-modified
Fri, 03 Feb 2023 09:08:04 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zFvc9ivAMAFEF9MG3bEJWel7nqo%2FBjzHxUPcoD8j2pTDZTqsLqRxiA1daeepWaAb%2F3BOlhUTnyVZSzXrsgBDJkHVxHyu7%2FaOiEO6wZ%2F9poQbdGUrnoQW%2FVp2b2bdQlHJIOfPuBY"}],"group":"cf-nel","max_age":604800}
cf-ray
8738dcf2df46451c-TXL
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
J3BZu298kwWKT_8aTg43eEBbEEhw1NnAqNMuNPrFThxYTwkFtQIB0Q==
embed.js
static.hsappstatic.net/content-cwv-embed/static-1.840/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/content-cwv-embed/static-1.840/embed.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ae5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee5c21fba72db5037f82a272693e5db4bb73ab1059a340dcffc9bee28f670c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
x-amz-version-id
e_mEpsTIjne7IZWFj8MkYDmouI7jSgMC
via
1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
age
985332
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 01 Apr 2024 16:01:41 GMT
server
cloudflare
etag
W/"3a4474324e070674ecd017b9d44b9c99"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2FkGphpdFeaG0OWfM%2B8NLQEa9zcDIrCLMPM4M%2FPH7S%2BWNQxOz49fLrx2eBOd8rFbGslfTzEBiI0b%2FrJQHiSx4n6j%2Beu1UrgpXU5kmg5mab1EfUDsr8%2F7ObljIW67hoGD8cnTKM%2B6wTZ14DHqzkt6fTwK7lA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8738dcf4a9d839c4-FRA
x-amz-cf-id
uPbLZkmjrnCQRcy_jlXxA53kIIcKlWFGGfQZ_1GaMR0TsSieN4Mxjg==
expires
Sun, 13 Apr 2025 04:55:18 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
24333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kk88bw2I5Lkz39HE9%2BjevOLIKY47ygFDrIWyjV29wFreb%2FO17%2BM6HO2ht2054ct0kVtr7VaV%2BWwOupOWaEN30YDSpAOqzPfq3owa4fMwnkryVfdIJM8yimPsCKx67OeiDLdY8d0p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8738dcf31cd89bf2-FRA
expires
Thu, 03 Apr 2025 04:55:18 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
809252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3592
last-modified
Thu, 25 Jun 2020 01:22:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ef3fc71-2b0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dvGSor%2FSng0pwH7q%2B7%2FUKDn0fzWnmoKUc34bdq3csZumZFqs4KavqZQCIi68%2FVPW6lW6E3rby8CTcJGozCv7w78peGvAZOXogC8EUlj3IlFBB9KeW0oEN%2Bme048hxOI6qS7l%2FXUe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8738dcf36d129bf2-FRA
expires
Thu, 03 Apr 2025 04:55:18 GMT
plugins.min.js
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/100565705870/1712566990318/Threatfabric_Hatch/js/plugins/ 		203 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/100565705870/1712566990318/Threatfabric_Hatch/js/plugins/plugins.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42db2b6421ba0667a52a6f929b6f61decd0a6efd16ac1bde0701bcc0e132d4ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
22J6H51G8EARKC37
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"0c0f5074d4f875852639ceb3929df89a"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1712566991454
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 3fad6888361bd8bcd9c5b458635f78d0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
fjOXJuabDfIf8ylKYtupYQJB8ocmEl78
x-amz-cf-pop
IAD61-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
8eb0edd5-d18a-4aa7-b7de-6b7961f88e38
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
214
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nedluMELd7xetaPUhhmF0/NZOqQKjkl7DB2XQjwViHtj/Jr1slqjv7JOYo0f0wVSDpZhA9Bs0mc=
x-evy-trace-route-configuration
listener_https/all
x-request-id
8eb0edd5-d18a-4aa7-b7de-6b7961f88e38
last-modified
Mon, 08 Apr 2024 09:03:12 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqikXn%2FqzoK%2F7cPIhWaYQb7L%2FDtlLMyfoesenr12ugZ6v%2Fs%2BQGcSJ27Y7ypQSy9TGg%2BeuxuqgKo5hxRNKe4D3t%2BVR2SEbthMuKc627b1PHRiuWsDoJxKTeTtyxUlBQpplZc5bWdx"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-666dffc5d9-xcm9c
access-control-allow-credentials
false
cf-ray
8738dcf4199b451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
gibQZ4jtng44w4r_OzSCw7L16qRlPh9QTffZybRrD7sv6rlmPcMgfg==
main.min.js
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/100565738928/1712566988034/Threatfabric_Hatch/js/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/100565738928/1712566988034/Threatfabric_Hatch/js/main.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c917923119f99ca28c29eca25a2a4a9606edd23f26633bab2e212ce053dd5f1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
22JC2B1DK7RAAJZQ
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"0af793e68edebfa90f8e52a942155cc6"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1712566988355
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 0ebe6e1aeade584a38f4b98aa3f2014a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
5wOCXUk6GlkhCRHCrKIei1hIBxtJntKl
x-amz-cf-pop
IAD61-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
2ed74092-e162-4f7b-89ca-56d1d89347a0
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
165
alt-svc
h3=":443"; ma=86400
x-amz-id-2
0ciVn8rFcHgSDWAKNFnA6gdjf5Lx9k98P3eTS7JmaAcLY3EjR1ZZTLiiVOFecNWAYew2qnh9oss=
x-evy-trace-route-configuration
listener_https/all
x-request-id
2ed74092-e162-4f7b-89ca-56d1d89347a0
last-modified
Mon, 08 Apr 2024 09:03:09 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90gzLoK89bdJDi0x8OuohI6%2FyAiLLQp0F7Ti04DTOe1rG8Ha%2FhOdsemirpCuf1UOoGCU%2BeDtRXOZJAb5T4e93CpCYVb6TM9c2PeeOgHo4LvkshGwnun6sfpEpisCSvhWQMWcXaLr"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-666dffc5d9-5ktnt
access-control-allow-credentials
false
cf-ray
8738dcf4199d451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
2BgKZKLKQxwmzP_vy3pg9t-PkCm_VpoFupEAbabiUAR1Dpy8En0syw==
child.min.js
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101040014386/1687845070161/Threatfabric_Hatch/ 		654 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101040014386/1687845070161/Threatfabric_Hatch/child.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16d59010b5c7bc246cc28fa0b991da4aaf6ed332f99940a4d5bd29de1ad43de
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
44DVQB2ANMQGN201
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"6748e45b4b9a78b567cc67c4bbe101c4"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1687845070347
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 d1cde188ada6755fe03b8541b71fce4a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
tWyHUvyl_PrBUjYVhQfi.cVUEpkzlair
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
4c8c0e66-2de5-4a75-acc0-9b237ced3c4c
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
171
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6993m4qsk9q07CVAD8Vhl9wjcrbn8R8hC7xVI3dHbAOJIbLf1VKQkpDtlbJzOAQxmOHas0BVf+nGnUcy+w+NkYv6OhyJanhS03YIMn+ux6I=
x-evy-trace-route-configuration
listener_https/all
x-request-id
4c8c0e66-2de5-4a75-acc0-9b237ced3c4c
last-modified
Tue, 27 Jun 2023 05:51:11 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ruk5P%2BOabXHBP8fyTuv0RnrHk8uo49xyo709EWY%2F7KkimRbyd%2FJTV2PVrRuAPtl8DZQVhEFq4pEme4TJrtT0mtEJ7xMaPWjC85oHd44Gvv25atA%2Bdb%2FvCNy5ZoZDCxxv3MH%2F8sD"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-5c8495489f-98jll
access-control-allow-credentials
false
cf-ray
8738dcf398bd451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
Mf7VXgai6DJb2qsBlwBAQJQC4ZesSzeyB1BNS_PwYKHxJH1mwV8ISQ==
module_-2712622_Site_Search_Input.min.js
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1712968599654/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1712968599654/module_-2712622_Site_Search_Input.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863886e2347be57cf71d7ed3fc614593e94bbce61858cd8c0761ba7a78d2ace4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-encoding
br
age
15008
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"f9134a973469f840bf03f740af92c65f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1712968599654
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
b74f1414-3e00-48c3-8f45-23496dd4bdea
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
657
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
b74f1414-3e00-48c3-8f45-23496dd4bdea
last-modified
Sat, 13 Apr 2024 00:36:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TW%2Bl9MQr8P4ueZoZL77MJ68qijt1YEN%2FRHmJRDejoK7eCCn5tNKC%2BQPfclwyg7re2f0zqV0ag0MGquC2%2Bpn0LahoWUf%2BrsWeEViJm%2BRMEjZlW4ouSa1jn5diGSVFHejcuA%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-8lkkj
cf-ray
8738dcf3ddfe4480-TXL
blog.min.js
www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/100565906251/1712566976389/Threatfabric_Hatch/js/ 		392 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/100565906251/1712566976389/Threatfabric_Hatch/js/blog.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae37720bad220c27736f9097566e8cec3bce2f45d980f509c193f54d6d4aea59
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
F8G50Q3JA5Q9G4N6
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"192208997eb533dfcb00b8442296edae"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1712566976534
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 05c82d802dd7dc7f98fd5d5083d604ba.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
pqFrH_U2a9yz9fm669sD7mXdUI5HLuH9
x-amz-cf-pop
IAD61-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
87bb2112-34ef-4f11-a8bb-6c136be7610d
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
197
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KfBUN0YAMgmul8TLFCD1FgO1ur4bsgxflMUd18DisLPVASKh5+48qB5N0iyL0PcjOZW73D+hdRM=
x-evy-trace-route-configuration
listener_https/all
x-request-id
87bb2112-34ef-4f11-a8bb-6c136be7610d
last-modified
Mon, 08 Apr 2024 09:02:57 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dpd7DuSMrN%2FUdYUy4u9CgrcvcL004se6Zwe8oSP%2F%2F3q%2BVLhe%2BeEulK%2FKSzKltDlU7DmZEIyK6D3Vi54p3VAXkcMT7XuvpNH%2BhwkS8F8xFUDkW%2BjcWFv%2F9HGpIllKHmiKnPHn52%2Fe"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-666dffc5d9-787tz
access-control-allow-credentials
false
cf-ray
8738dcf41998451c-TXL
timing-allow-origin
www.threatfabric.com
x-amz-cf-id
Nmz7j6kT7U9PmoOGFKoNG3J8dJzNVGoCsLEaxIuKPhO1lYWeTfWZdQ==
beautify.min.js
cdnjs.cloudflare.com/ajax/libs/js-beautify/1.14.8/ 		73 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-beautify/1.14.8/beautify.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5c291cc9ce12740d42109fbf4384252918103351a98793ffa71f764ea3e4cf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
308931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14063
last-modified
Tue, 09 Jan 2024 00:54:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"659c8b1c-36ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGIIepoDAto9uk5zsO7CnX%2FsFSfQhKBza%2FYj0xfrE7iPwHX7A9o6sSMOXurB6MS%2F%2Bh9KYO5D9WQx%2Bt6GU8TtFv%2F8wUwyIJ92lwbIYzZrxydTDXURSQY4llJNFd4fHcrwyA0k6Ceb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8738dcf41d839bf2-FRA
expires
Thu, 03 Apr 2025 04:55:18 GMT
prism.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.24.1/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.24.1/prism.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc377d0b25d1c78cd2fb2d8c9b3cc8fe12db24bd47084deda1129905ca256099
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2635858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5980
last-modified
Sat, 03 Jul 2021 14:05:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60e06eb6-175c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L20RDned7Ki8xeK1HzKiF13BLm1ICAS17TsvCtrze2a7a0%2BAAaqlPy0DxFkcW8QK31dj9rJd%2BRYTwOTATV2Qq%2FmXh91vEcclNYCTU7bjWA75Jw3LgkuqpZunl8qfmeZiMU%2Bilmm9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8738dcf41d859bf2-FRA
expires
Thu, 03 Apr 2025 04:55:18 GMT
6701575.js
www.threatfabric.com/hs/scriptloader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs/scriptloader/6701575.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bcd46c35e32ebba8e79aa915a5cb5d551c098fb013d4f921f09619bc59fb9ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
78bf14db-bc22-4a99-89d0-4f882045877b
content-encoding
br
x-envoy-upstream-service-time
14
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
78bf14db-bc22-4a99-89d0-4f882045877b
last-modified
Fri, 12 Apr 2024 11:13:18 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.threatfabric.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-6lk25
cache-control
public, max-age=90
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqUc9%2Bk9DoUWo7gmhpcjWceczU1l%2BHoFUrPh2VzfdvT82UMxaZcjKrW4wECz%2Fa0VadUyGkp8xAYF5vDJekrokq86u6M2gNaiw2BpudwS4K9ZYah141G%2F%2F57VItgbl0zSPf6QEyYJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8738dcf419a0451c-TXL
expires
Sat, 13 Apr 2024 04:56:48 GMT
index.js
www.threatfabric.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 44a23a2f4d4e9659f5b008d1f39e1318.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
903905
x-amz-cf-pop
WAW51-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
1rlxLpliQ7bEVIEMqiesE48_Sx9RmqkP
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Mar 2024 15:59:57 GMT
server
cloudflare
etag
W/"5885ac5129ee80f8b7e1e228e142587d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5N9NOxoJIOgUCf%2FYYiOzczzeW8JJ9dcye9YhkojIBIxkN1DUYb3TAVgbk%2FIR7N7VCLbq045PdMqol6Vp83TtKV816CO4hIj1Halx0jFBEkqqq0BvtzWsjZRFCcchj85C3nxXZXp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8738dcf419a1451c-TXL
x-amz-cf-id
5LTyQyxZIRPK3NZXGJfmCy10Vf8EZlRquB0oSXT-gV1kjarqaNrJ5Q==
expires
Sun, 13 Apr 2025 04:55:18 GMT
6701575.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/6701575.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bcd46c35e32ebba8e79aa915a5cb5d551c098fb013d4f921f09619bc59fb9ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
acc3ff2f-46f0-4876-acfb-fb33b104a39f
x-envoy-upstream-service-time
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
acc3ff2f-46f0-4876-acfb-fb33b104a39f
last-modified
Sat, 13 Apr 2024 04:27:47 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.threatfabric.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-ccxbz
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
8738dcf4aa6c1c9b-FRA
expires
Sat, 13 Apr 2024 04:56:48 GMT
in.js
platform.linkedin.com/ 		0
0
tf-blogpost-banner-divider-01.svg
www.threatfabric.com/hubfs/Threatfabric/images/ 		576 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.threatfabric.com/hubfs/Threatfabric/images/tf-blogpost-banner-divider-01.svg
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d92c25b1d90bdf3fb25373c5e3de35b1256f47a96575d58b4e6ae10be499d76d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-102446427186,FD-101619062546,P-6701575,FLS-ALL
age
271845
x-amz-request-id
W7QCMXQQWH53DHP7
x-amz-server-side-encryption
AES256
edge-cache-tag
F-102446427186,FD-101619062546,P-6701575,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"af4732c5d3ba47ba314c39750f2c2e6f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1676379615960
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
LvbdpHvwKMpHzOWR2c2lhGUzlD608lQ_
x-amz-cf-pop
FRA60-P7
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
cache-tag
F-102446427186,FD-101619062546,P-6701575,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
lp30KeDIFIalxy/EJYMCnGZ3QU069TzVfvtdRyc3ub1qR2+VPNpqgegVoheh+LynDd4nqMkPUaWF0V0rEerqRAjxQmUCSI+R
last-modified
Tue, 14 Feb 2023 13:00:17 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDMQw8pZzhxAhWd%2BFvXhUZLeGK9jZO0Fpdin%2Bxlh5iOhFNIPgGTUSbG3H5Vy1Qgc1q4DAPuaHyMuUjWlF5GkWjqUSluxl8o%2Bh8znkNFEOzpY737pC8kl0zM4fbKDdbd6adqdXZCH"}],"group":"cf-nel","max_age":604800}
cf-ray
8738dcf429c5451c-TXL
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
yUvfy7WBkwdUlYl5ILfL2RO73-RIdb-Qq2BY15ieU40pMdpVkUCW6w==
tf-offer-bg-divider-01.svg
www.threatfabric.com/hubfs/Threatfabric/images/ 		556 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.threatfabric.com/hubfs/Threatfabric/images/tf-offer-bg-divider-01.svg
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
639127081177ea5058409066f97e84fb8ffdad426754956248f4ed77b45bd606
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-102241528447,FD-101619062546,P-6701575,FLS-ALL
age
663798
x-amz-request-id
EJQ76AZN103CQ0YH
x-amz-server-side-encryption
AES256
edge-cache-tag
F-102241528447,FD-101619062546,P-6701575,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"3c05186b36e65acf42dc5ace50a34360"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1676276654996
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b2373cd296c22c460cd352ec0beb0b2c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
.HXvxpbfuTohzDbnYKcJooLLN3h3f42c
x-amz-cf-pop
TXL50-P3
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-102241528447,FD-101619062546,P-6701575,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CON0vSxD/DcEfUj4DtEMqxR8k//SpjaC4Ma4eig7BNfWkGYBJJuvQNisXy+CWKoZ4jjRwe7C0yA=
last-modified
Mon, 13 Feb 2023 08:24:16 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yerkOKJjGksurybj1lOZLtgAmAO59sGttw%2BPN21riIcRRexnVvAmzJP%2B5dU8RruE23gO%2FRbpacquHiYC5pds77zb3hrYB05n1%2FzZLqOY8saeP1tfMkdfxKphhp9Mstjihzv%2BZ3Ry"}],"group":"cf-nel","max_age":604800}
cf-ray
8738dcf439f1451c-TXL
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
RXo0iSeZ3jhfPpIQjW5oVpT6cxEixVa2sCptIOgY7MzirKy5w_SbYQ==
Kanit-Light.ttf
www.threatfabric.com/hubfs/Threatfabric/fonts/kanit/ 		163 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hubfs/Threatfabric/fonts/kanit/Kanit-Light.ttf
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101040140217/1690200714709/Threatfabric_Hatch/child.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b87f1b48aa75784afb205b3d567664641bc056af2e20b5873da2c90605b7d2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.threatfabric.com/hs-fs/hub/6701575/hub_generated/template_assets/101040140217/1690200714709/Threatfabric_Hatch/child.min.css
Origin
https://www.threatfabric.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-112819245065,FD-112819245060,P-6701575,FLS-ALL
age
415068
x-amz-request-id
SE060ER23JKXR0C6
x-amz-server-side-encryption
AES256
edge-cache-tag
F-112819245065,FD-112819245060,P-6701575,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"0c443ef22ca3ce98e0b670310f5ebb36"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1682489433648
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 9ce5a2f082cd268feb50cb923d761742.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
Tqpimg7QV74KE9DspBbqQUupRuYfGKOs
x-amz-cf-pop
WAW51-P1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-112819245065,FD-112819245060,P-6701575,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LC/yBGJTG6SdL/43Lp+gZsUEq+Wo9Uhxq2X5mLe0vUODFiY+1EvHi23dF4qg/7rFrSlKscQexcPlMy/k6M0sLnNDgAVBqxou
last-modified
Wed, 26 Apr 2023 06:10:34 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0B2MHQU6B4Fmu0LCRQRY07CPvDUQZjPS6%2FFL4qPh5bA2rObxngxXJ5DOxtp3KHzZCDaA5WPksi9%2FmN1ZwWKb8wCMuywDnCrPdXSumXMUi9WWwmyKC1ME%2F1ZwmqWrTF6mz8c0g9IQ"}],"group":"cf-nel","max_age":604800}
cf-ray
8738dcf44a33451c-TXL
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
hKRGicyd7XpQv6uWLPTNE1IdfcpJ7GxQPmd0Z4kXJFNF97opJuMXiA==
cover.webp
www.threatfabric.com/hubfs/Threatfabric/images/blog/vultur/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.threatfabric.com/hubfs/Threatfabric/images/blog/vultur/cover.webp
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0581af9cdf2d6657ca04dd6b161431278711792140219fe4ac659c5965d5fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-104219075701,FD-104219350384,P-6701575,FLS-ALL
age
271844
x-amz-request-id
PGWHB396RHSFY78K
x-amz-server-side-encryption
AES256
edge-cache-tag
F-104219075701,FD-104219350384,P-6701575,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
"ff83e86b9eb901d825dc738009a2d22a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1677479117321
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 a259e473ed71960eef79d73efea6bc7e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
sHg5IMSTPsjxdj6UEHduWKBjWdbzjXGj
x-amz-cf-pop
TXL50-P5
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-104219075701,FD-104219350384,P-6701575,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
34696
x-amz-id-2
glsHMth+D+c2Vq7f2DHEdf3SXVQRWLbOqlShVyJp9/+WjgkqVBrjbOjLUho82MC16jg0fvbH0ng=
last-modified
Mon, 27 Feb 2023 06:25:18 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8XKGHf%2FUSt0k%2FoKBvaTPoyjGaoUDQU5SwJ8HvDub%2BDWpCKFXnmqx%2FtFNzhi%2BL2RLE9Xh2zXU6bbefPn%2B9wiv0MBeorUKBajDpSURQFgdnOKQtPjQXK3keXsX9PABOlPfhmMagUhX"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
8738dcf44a2b451c-TXL
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
CpZbeG0ll1wkysK-MwaLC7-eeVchvfo_PF22y6DpcKMx1qp7RbhzTQ==
brunhilda-sample-mti.png
www.threatfabric.com/hubfs/Threatfabric/images/blog/vultur/ 		11 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.threatfabric.com/hubfs/Threatfabric/images/blog/vultur/brunhilda-sample-mti.png
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd47f9815f3d112d4a99d4f88bc764a5edfe932fa5ec251829f7e2f5a25d05c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-104219350386,FD-104219350384,P-6701575,FLS-ALL
age
124289
x-amz-request-id
PND6R4ANF7PBYQAS
x-amz-server-side-encryption
AES256
edge-cache-tag
F-104219350386,FD-104219350384,P-6701575,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="brunhilda-sample-mti.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"7c95893a6b8f30c3894b499fd3d64bde"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1677479117231
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8562aa55ecb1bd657c9073c0910ec6bc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
S.v.z6v.EmVOAQarNHY3POFcTnE.lGar
x-amz-cf-pop
TXL50-P5
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=13077
x-cache
RefreshHit from cloudfront
cache-tag
F-104219350386,FD-104219350384,P-6701575,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
11482
x-amz-id-2
Qh2LJluQ2UUXT25FsPw/yUvgzo+xHrS3TPN2RHYdGFmEjMvTHKWBA9xLlADEVSklbgadOwDOydNoN8zNz2B5XGFSAxmZw/vO
last-modified
Mon, 27 Feb 2023 06:25:18 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkdN%2FzDL39V1Ck%2BCLmqXf%2BkmLiabfjgdx6Z9gNoL9VTgNWOS%2Bim4QVb12%2BMTqshab9S4BVqW2RO1Kx%2BUvDn0YoCCYWaS%2ByP9OGoc01GdGtwiQDA36K8mfd02HKp24oaLNGi1LW07"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
8738dcf44a2f451c-TXL
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
IcpFzS_QM9Z-mXPFnWiw0T9l1YvLTHo--eRrT8KnlApbgR7jhxSOyA==
intro.webp
www.threatfabric.com/hubfs/Threatfabric/images/blog/vultur/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.threatfabric.com/hubfs/Threatfabric/images/blog/vultur/intro.webp
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba0fb7eb234cf14effdb01366ff010b301b24cf0a1fb044c4be2c4721d72603
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-104218203667,FD-104219350384,P-6701575,FLS-ALL
age
208190
x-amz-request-id
XD05RD0521RSKFPH
x-amz-server-side-encryption
AES256
edge-cache-tag
F-104218203667,FD-104219350384,P-6701575,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
"615fc511d04f396d0723f03a50467210"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1677479117397
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 f51f3da7e87f0e92f1fbd7965ab3105a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
QKJzbZPyDpfSV3YiKCcyTn9cfkLimWwS
x-amz-cf-pop
TXL50-P5
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-104218203667,FD-104219350384,P-6701575,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
50912
x-amz-id-2
ssK1aIF5PrF5rrxipHb8s1tWxYdEdTsU2ZegEHz7uz0dAAeaEu9gEUIxoCMOsa/qyctmRZJKFj7reJGKi3OGsg==
last-modified
Mon, 27 Feb 2023 06:25:18 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMRmNRrKO6miFF7zzAs0P%2FvhCcllRr0jBxUDIK7XZwpaoLTQH82MOAU0ozE6yZoljv3uQKAHUtKrbecVk7KXYPaIzz6PSSuq7q2Hqc3Q8g4Wkv5bQZGAdJtDBazNQAhqhgWxxKol"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
8738dcf44a32451c-TXL
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
jD2fVjNvoYZYAKUcuRqh_Yv3V8QRcH-iGay8JiJ30OibMdBXXmU5zw==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Apr 2024 07:42:51 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=62135
accept-ranges
bytes
content-length
17238
all.js
connect.facebook.net/en_GB/ 		0
0
widgets.js
platform.twitter.com/ 		0
0
has-permission-json
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=6701575
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
no-sniff
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
4bb2f577-4454-4bf9-89d5-c59a3229e324
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8738dcf58a359945&resource=unknown"
x-evy-trace-listener
listener_https
x-request-id
4bb2f577-4454-4bf9-89d5-c59a3229e324
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin
https://www.threatfabric.com
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-bsp24
cache-control
max-age=0
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
cf-ray
8738dcf58a359945-FRA
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SZHLN4DST6&gtm=45je44a0v896951265za200&_p=1712984118395&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dZTQ1Zm&cid=285991059.1712984119&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_s=1&sid=1712984118&sct=1&seg=0&dl=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&dt=Vultur%2C%20with%20a%20V%20for%20VNC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3130
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SZHLN4DST6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 04:55:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.threatfabric.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&cookies...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3969834%26time%3D1712984118653%26li_adsId%3D51548eae-57ac-4a9e-83de-287cf2d43187%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&cookies...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&cookie...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&cookiesTest=true&liSync=true&e_ipv6=AQIk9ttLHV8CLQAAAY7Vz1iK-5DH7DcsjtyS0tJTZqaWXLt72FsdzHG0PLUNGDhiE8GKMHo
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:19 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 464A58DD27354EF0B6575F84FAB453F2 Ref B: FRAEDGE1214 Ref C: 2024-04-13T04:55:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYV8zH171Oi5dN4nBWoUg==

Redirect headers

date
Sat, 13 Apr 2024 04:55:19 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 12F0DAE4B399483DAE3380419E003E6A Ref B: FRAEDGE1120 Ref C: 2024-04-13T04:55:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3969834&time=1712984118653&li_adsId=51548eae-57ac-4a9e-83de-287cf2d43187&url=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&cookiesTest=true&liSync=true&e_ipv6=AQIk9ttLHV8CLQAAAY7Vz1iK-5DH7DcsjtyS0tJTZqaWXLt72FsdzHG0PLUNGDhiE8GKMHo
x-li-proto
http/2
content-length
0
x-li-uuid
AAYV8zHxsW2Hzp1HLgXlEg==
6701575.js
js.hs-analytics.net/analytics/1712984100000/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1712984100000/6701575.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6701575.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2917ed998d8092726afdb4591687d4f95a04ba8799c69f3266794c808411a3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
GVWDRVK2HQ147WSX
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
47982592-9806-4633-877e-c5aa2f7fbce9
x-envoy-upstream-service-time
38
x-amz-id-2
hmiBr/hyDHfga65p9/jcAU1scVioGPI5wPBFGZx2juSNJdUUVRztlPP1P5VobYNLNquy0VKzPVI=
x-evy-trace-listener
listener_https
x-request-id
47982592-9806-4633-877e-c5aa2f7fbce9
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 12 Apr 2024 16:37:59 GMT
server
cloudflare
etag
W/"4294a0a71f84a2a673dfbe198f722109"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-pvzd8
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8738dcf65a884d84-FRA
expires
Sat, 13 Apr 2024 05:00:18 GMT
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6701575.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
Origin
https://www.threatfabric.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.491/bundles/project.js&cfRay=8738dcf65dd0912b-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"020909a609cf986b4a8a88cfb577a8db"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.491/bundles/project.js
date
Sat, 13 Apr 2024 04:55:18 GMT
x-amz-version-id
_rd02ux3UWoVQsATQDf.p_LxkLPJ6umh
via
1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
2d2f07e6-c228-4db7-b263-a73828ae0621
x-cache
Miss from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
38
x-evy-trace-route-configuration
listener_https/all
x-request-id
2d2f07e6-c228-4db7-b263-a73828ae0621
last-modified
Wed, 10 Apr 2024 18:06:23 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-wwmrm
cf-ray
8738dcf65dd0912b-FRA
x-amz-cf-id
pgCnkZ21aHrcQSO-zQBdghkBApLpsBgqYgH_JxrkHV5_I4s86ODc2w==
web-interactives-embed.js
js.hubspot.com/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6701575.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c19b3e1b4412d65f2867422b94958aef88fb30739eb739e2c7dc2ea53dc0e38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
Origin
https://www.threatfabric.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1057/bundles/project.js&cfRay=8738dcf65ad99963-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"dd91c2fb61034a195eb738df46ca4b3a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.1057/bundles/project.js
date
Sat, 13 Apr 2024 04:55:18 GMT
x-amz-version-id
8Bjrd.XOcIxETBdGX4ErcbsqVOQTF3Nz
via
1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
fe51ad2b-2d12-40b3-b693-2c94831f2681
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-evy-trace-route-configuration
listener_https/all
x-request-id
fe51ad2b-2d12-40b3-b693-2c94831f2681
last-modified
Fri, 12 Apr 2024 14:29:24 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdVkOtqc%2FYf%2FL3%2FUQllWoRYuIqb%2BPHxjtcbqTcPe2KohH9tKul%2BMiV%2BZLfeBsAkUd9vXpPQNGCI43cdnW8Bwchdi5xuP3NRGF9vNkDffln38jdUft72rp2h46gkI5ZDWM87GknroI5J5q81T"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-z4v48
cf-ray
8738dcf65ad99963-FRA
x-amz-cf-id
NVl5XGCkouDoOlRmrBqkhRJ7AATxvIYcxuKzK-ptdvLYKPFDog1PMA==
fb.js
js.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6701575.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e4a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e9a17c05981ae02d122a6845f9f904f13edeae0973af6fdbc44bb77ee5bbf0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:18 GMT
x-amz-version-id
NPmBAW9YLDyQDhAGPmBdyF1DJfeS0dQT
via
1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
0
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.546/bundles/pixels-release.js&cfRay=8738dcf2ac713738-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
7fb49122-7278-49dc-9ec3-c6dc769c79c7
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7fb49122-7278-49dc-9ec3-c6dc769c79c7
last-modified
Thu, 04 Apr 2024 13:54:33 UTC
server
cloudflare
etag
W/"437693b047b4419d0e2549e3f640e3c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-hdb65
cf-ray
8738dcf65d662bcb-FRA
x-amz-cf-id
KOiTC8dKTWmB5rOGyvxLMXv5lyzW2tQKJWx5Tw1JpbWoOxqLLDsXxQ==
x-hs-target-asset
adsscriptloaderstatic/static-1.546/bundles/pixels-release.js
banner.js
js.hs-banner.com/v2/6701575/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/6701575/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6701575.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c96eab438c4bc128f862f0556046760cb4893c65e60247343285134c358a7eb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:19 GMT
x-amz-version-id
Qe5qgKVby8unm3nzHgJJJXElT.mlTRpx
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
P054RJGCG8MDPQM1
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
a2958314-9929-48f0-88da-b5f63be68a13
x-envoy-upstream-service-time
57
x-amz-id-2
ekS9rf7JLLlbDPkbk91kvzcHGmuKvb9v+lt609P1hxfzYaFk6pjG/ozlhlt85UWmU4nXse8Zxho=
x-evy-trace-listener
listener_https
x-request-id
a2958314-9929-48f0-88da-b5f63be68a13
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 09 Apr 2024 13:30:00 GMT
server
cloudflare
etag
W/"e71fdcfbfd6a8c0161d816121bb2a522"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.threatfabric.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-pvzd8
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8738dcf64beb9bdd-FRA
expires
Sat, 13 Apr 2024 05:00:19 GMT
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=6701575&currentUrl=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&contentId=104202776721
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef25a2301c54ff6ac035bd64f30ef99c65c917184ab36331b867c2a75314476e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1550f662-d58d-4d53-b887-1ef2187eb65f
content-encoding
br
x-envoy-upstream-service-time
91
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1550f662-d58d-4d53-b887-1ef2187eb65f
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.threatfabric.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUasXL0EY8QucAQkgGX1ubVrgim3%2B5WAHpuk3Q772FPHNB1TnZa2FFxkyYC4HipR9TPmc6ajF3jSwi9Wbc1nZw5VxGjizLaLGzAvpzPfRIPcbzFJRtrOU2%2FHvR5KxNXj7Hlc6lkw%2F8uSzRq%2BDF%2F4rSTuFJzEEb%2FIBwE%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
8738dcf77b7d9963-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-m6nvf
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		115 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=6701575&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ff2277e918bba1af6262f196757d83d3700f77029576dda90fd36b14858731
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
e6f180b3-a386-4302-abc3-24a55f8ddef8
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e6f180b3-a386-4302-abc3-24a55f8ddef8
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.threatfabric.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-n7dww
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8738dcf7aea9912b-FRA
view
js.hs-banner.com/v2/activity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.threatfabric.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.threatfabric.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
8738dcf93eee5c26-FRA
content-length
0
content-type
application/octet-stream
date
Sat, 13 Apr 2024 04:55:19 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
0
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-fp48c
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
ea91b5d2-d828-4209-844f-25c5c5bbfb35
x-request-id
ea91b5d2-d828-4209-844f-25c5c5bbfb35
cf-location
js.hs-banner.com/v2/ 		2 B
145 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/cf-location
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/6701575/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=1500
cf-ray
8738dcf93eed5c26-FRA
content-length
2
css2
fonts.googleapis.com/ 		2 KB
865 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/6701575/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Apr 2024 04:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Apr 2024 03:31:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Apr 2024 04:55:19 GMT
view
js.hs-banner.com/v2/activity/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/6701575/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Apr 2024 04:55:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator, envoyset-translator
x-hubspot-correlation-id
a293fdbc-9c94-41f6-8188-8dbc54220885
x-envoy-upstream-service-time
28
x-evy-trace-route-configuration
listener_http/all, listener_https/all
x-evy-trace-listener
listener_http, listener_https
x-request-id
a293fdbc-9c94-41f6-8188-8dbc54220885
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-virtual-host
all, all
x-evy-trace-served-by-pod
iad02/private-hubapi-td/envoy-proxy-76d78f4b75-2hsx6, iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-vhl7w
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-origin
https://www.threatfabric.com
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8738dcfb4fb95c26-FRA
counters.gif
perf-na1.hsforms.com/embed/v3/ 		35 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: www.threatfabric.com
URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.125 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
57690d4e-3d21-45d4-aecd-e027b533b9cd
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
57690d4e-3d21-45d4-aecd-e027b533b9cd
last-modified
Sat, 13 Apr 2024 04:55:19 GMT
server
cloudflare
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-mqq5v
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
8738dcf95aba048f-FRA
hs-web-interactive-6701575-139494617102
threatfabric-6701575.hs-sites.com/ Frame 9C40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://threatfabric-6701575.hs-sites.com/hs-web-interactive-6701575-139494617102
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.192.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=7200,max-age=5
cache-tag
CT-139494617102,P-6701575,PGS-ALL,SW-2
cf-cache-status
HIT
cf-ray
8738dcf95b5644fe-TXL
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Sat, 13 Apr 2024 04:55:21 GMT
edge-cache-tag
CT-139494617102,P-6701575,PGS-ALL,SW-2
last-modified
Sat, 13 Apr 2024 01:32:47 GMT
link
</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
server
cloudflare
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
64
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/cms-bots-td/envoy-proxy-857b4cddf4-5nndl
x-evy-trace-virtual-host
all
x-hs-cache-config
BrowserCache-5s-EdgeCache-7200s
x-hs-content-campaign-id
7436f6e2-b46a-4ea1-9c6e-4aa7d59b7348
x-hs-content-id
139494617102
x-hs-hub-id
6701575
x-hubspot-correlation-id
c39b8a76-7462-4b56-b204-ef6178d3cb3f
x-request-id
c39b8a76-7462-4b56-b204-ef6178d3cb3f
x-robots-tag
none
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.threatfabric.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Tue, 09 Apr 2024 02:38:45 GMT
x-content-type-options
nosniff
age
353794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Apr 2025 02:38:45 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.threatfabric.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 19:07:30 GMT
x-content-type-options
nosniff
age
553669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 19:07:30 GMT
/
px.ads.linkedin.com/wa/ 		0
0
__ptq.gif
track.hubspot.com/ 		45 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2478958663&v=1.1&a=6701575&pi=104202776721&ct=blog-post&ccu=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&cpi=104202776721&cgi=101307487134&lpi=104202776721&lvi=104202776721&lvc=en&pu=https%3A%2F%2Fwww.threatfabric.com%2Fblogs%2Fvultur-v-for-vnc&t=Vultur%2C+with+a+V+for+VNC&cts=1712984122771&rv=1&vi=413b0906b53d6e70acbf753afd155459&nc=true&ce=false&cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
79c7cbe3-166a-4061-abd1-2297a893e32e
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
12
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
79c7cbe3-166a-4061-abd1-2297a893e32e
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SF0QM7OkzwcgGA4ITEbJUPbUBMho%2B90zn23ejRnPjFwqbbk3efHFbSM1AZ7cu3%2Fh%2B3y%2Flbnd7FBdlgxA%2BMBMEKz2r6MzrZDRo%2Fq%2BlMlODJ%2FJ2qXeY6r9TJSHPXuEGjBi49ipfm76OpwHb6bBWEKv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-jm4tn
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8738dd0f7b5b9945-FRA
x-robots-tag
none
counters.gif
perf-na1.hsforms.com/embed/v3/ 		35 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=interactive-shown&value=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.125 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9130a056-1241-4765-a844-5c5dc9eba064
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9130a056-1241-4765-a844-5c5dc9eba064
last-modified
Sat, 13 Apr 2024 04:55:22 GMT
server
cloudflare
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-glsj5
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
8738dd0f7a70048f-FRA
blank001.gif
static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/
Redirect Chain
  • https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=266333855879&containerType=SLIDE_IN&portalId=6701575&audienceId=null&campaignId=7436f6e2-b46a-4ea1-9c6e-4...
  • https://static.hubspot.com/img/trackers/blank001.gif
  • https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif
43 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif
Protocol
H2
Server
2606:4700::6811:ae5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 04:55:23 GMT
via
1.1 3345a8f17bb96a1199a195b00a8d2c0e.cloudfront.net (CloudFront)
x-amz-version-id
MFfZlkR4U8_6aknbgflTSIqo4fNbniK3
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
201322
x-amz-cf-pop
CDG52-P2
cf-polished
origSize=49, status=webp_bigger
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Apr 2021 16:47:19 GMT
server
cloudflare
etag
"51416c7ff0b9d7efc8c9b16d84052fab"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rn9YpizjF71SDeP37fxRJ9GwxImB7jSvGIvEI67Qz7M6flzDidD6Lmqp2aqrgW%2BTm99chEDKPL0Y7pjzHnDRoFQ%2FpqoKKKath%2Bdd9CQVzT8aTxe4Do4pqQDE91Ywf4AwJ18IPsGmL5eEZ6Ph63T8b%2Bx1Tp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8738dd10dc5d39c4-FRA
x-amz-cf-id
E9G1DroEnRDN8l7Ya_K1Kxq1EqqVI2zdYLrYNPOQ7-taIkJWueVmog==
expires
Sun, 13 Apr 2025 04:55:23 GMT

Redirect headers

date
Sat, 13 Apr 2024 04:55:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpKvlSoOPpyu5ZrCB3bs5MkTrPVexips4JHScKvT2zNjyDVWS2YgFNyf8f00SVbHMW8tqu25eD7RnoNru1bFrrSv1uCrdAR58cdXT4VufuJQW2RhiXnTZvgkC9GtEB5qYaacVkL3PfJtfy7MCZ2bTw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif
cache-control
max-age=3600
cf-ray
8738dd108baf9945-FRA
expires
Sat, 13 Apr 2024 05:55:22 GMT
threatfabric-icon-dark.svg
www.threatfabric.com/hubfs/Threatfabric/favicon/ 		467 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.threatfabric.com/hubfs/Threatfabric/favicon/threatfabric-icon-dark.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a5da7ac787966a0343f72308a274a6efbe29b054c45a39006d357f9a7dd4db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.threatfabric.com/blogs/vultur-v-for-vnc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-113881471036,FD-113881358172,P-6701575,FLS-ALL
age
663801
x-amz-request-id
J0J59ZEK3QPQ35N0
x-amz-server-side-encryption
AES256
edge-cache-tag
F-113881471036,FD-113881358172,P-6701575,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"fce2ca26ec3fee39e3f2c79385fef303"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1683027369208
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Sat, 13 Apr 2024 04:55:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ca4bc82573be586920ccabe8e2946522.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
QPlhIhds5bQd9SFyVnWczTf6KRniE2eW
x-amz-cf-pop
WAW51-P1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-113881471036,FD-113881358172,P-6701575,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
d+nvMIpGc0jRGtiW6FWdtahzk3zgJ9yoN6JZ2y0Tfbli+tYGpCH45VGu/0ZF0qb8sm9HhIs8Ocs=
last-modified
Tue, 02 May 2023 11:36:10 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FA9w5ClNtFSvdWWe0v5UwEdYsP0T5NLLDKFDfBy7DEe83gUaOdOs%2Bo6I027rb1O77C8eZ3uxqLkUzHnqny91ZHWTl3wOxDFVdgHIxGFC7wU9VX8VYbL5Jr9DffDHvQwqsSm3CFmw"}],"group":"cf-nel","max_age":604800}
cf-ray
8738dd0f7997451c-TXL
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
rtgPC6p9ebz4Bc5Ih0ObX8wVuJzjKo6lqxnA0na0ypljSmR0j2A8pA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
platform.linkedin.com
URL
https://platform.linkedin.com/in.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_GB/all.js
Domain
platform.twitter.com
URL
https://platform.twitter.com/widgets.js
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/wa/

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _hsp function| gtag boolean| useGoogleConsentModeV2 object| dataLayer boolean| _hsGoogleConsentRunOnce function| $ function| jQuery object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_2712622 function| js_beautify object| _self object| Prism object| _hsq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| ScrollReveal function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Typed function| TimezZ object| tocbot function| jarallax number| headerHeight object| google_tag_manager object| google_tag_data object| gaGlobal boolean| _already_called_lintrk boolean| PIXELS_RAN object| enabledEventSettings object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| google-font-injected object| ORIBILI boolean| _hstc_ran string| __hsUserToken number| expireDateTime

14 Cookies

Domain/Path Name / Value
.linkedin.com/ Name: li_sugr
Value: e5f205b2-fc50-4282-a544-a91cfec9e70a
.linkedin.com/ Name: bcookie
Value: "v=2&bfc6f3f6-00a1-4248-8181-a6f1adaa51e9"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3300:u=1:x=1:i=1712984118:t=1713070518:v=2:sig=AQEnf7xq5NnfhngHuCFEa9bJwXoRcn88"
.linkedin.com/ Name: UserMatchHistory
Value: AQLdXbGAD8ORYQAAAY7Vz1cJFKf30cTtA2e32E2NtuyD8gR1V-Qui_sb8D12wjOH6Dr1Va-oUpb3Lw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQILq-uRJsHbLAAAAY7Vz1cJtdOVRFxE2_9hGczE2NlhCHM3vih6Kzize6ir-WDijQzdKByXTGkeYd66yNesdQ
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240413045519b6f7a925-a73a-4706-801a-3ff4a15e5f8fAQGBxQM04cN-k4DO8MCJrgywo_quld2v"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTI5ODQxMTk7MjswMjHSru/ieDkEqdPl+UplpJ7ogNEIFdv0w73sKYZ16oDGXw==
.hsforms.com/ Name: __cf_bm
Value: 1fwYsS2g0u5xiuXxqBtRCLSZxUEI3nGrA2xjP3B30.4-1712984119-1.0.1.1-GzevOg1CmZ7h83vu7cpxRJFw7Uunl1jlxxFjYJWvXHSQ4ULelNtQbEglQNW4OrqtWgPYUis2P59E3TgMgykAHg
.hsforms.com/ Name: _cfuvid
Value: UTNGNle2L2_2fOVTurEsLO_8BczRGQsES8pM1ST630M-1712984119366-0.0.1.1-604800000
.hs-sites.com/ Name: __cfruid
Value: 854847ec602b34448851a6eca1e201f2f33eb1ba-1712984121
.www.threatfabric.com/ Name: __cf_bm
Value: SBO8pUsTqwzVm5lCmbspjDPkbZ4irYLU2JjQpurQHxc-1712984122-1.0.1.1-nzl6bBPOpvsrIJ4SthH6Pok7tUEDw85p7pFfyv9.ss6RNvPrwj01FaQ0OnycEm8A7d7qD71xdf30gWGIadB5Dg
.www.threatfabric.com/ Name: __cfruid
Value: e03bb95c08a1567a29047e1a3a3caf7da5115402-1712984122
.hubspot.com/ Name: __cf_bm
Value: _meWoo.aJrfVufv2b867rr6Hr1oW4ljNG0vLd3yyjIM-1712984122-1.0.1.1-LkbbEcySI4ztuc6Y0iktXEGdT8wn5VkKN3.dGldUjtX8hE45yIoenBhxb7nwiPW1WxewfY3yi8ydn8KBRHoyXw
.hubspot.com/ Name: _cfuvid
Value: 2TZL8mwLOZnlRiOSb7LIy5aB5krIIDvhMI.Zs2StE3w-1712984122915-0.0.1.1-604800000

62 Console Messages

Source Level URL
Text
security error URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Refused to load the script 'https://platform.linkedin.com/in.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' *.hubspot.com cdnjs.cloudflare.com *.hubspot.net *.hs-scripts.com *.hubspotfeedback.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ maps.googleapis.com static.hsappstatic.net *.hs-banner.com *.hs-analytics.net *.hsadspixel.net js.hscta.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.com *.hsforms.net feedback.hubapi.com *.usemessages.com snap.licdn.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc(Line 2188)
Message:
Refused to load the script 'https://connect.facebook.net/en_GB/all.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' *.hubspot.com cdnjs.cloudflare.com *.hubspot.net *.hs-scripts.com *.hubspotfeedback.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ maps.googleapis.com static.hsappstatic.net *.hs-banner.com *.hs-analytics.net *.hsadspixel.net js.hscta.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.com *.hsforms.net feedback.hubapi.com *.usemessages.com snap.licdn.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc(Line 2190)
Message:
Refused to load the script 'https://platform.twitter.com/widgets.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' *.hubspot.com cdnjs.cloudflare.com *.hubspot.net *.hs-scripts.com *.hubspotfeedback.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ maps.googleapis.com static.hsappstatic.net *.hs-banner.com *.hs-analytics.net *.hsadspixel.net js.hscta.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.com *.hsforms.net feedback.hubapi.com *.usemessages.com snap.licdn.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Message:
Refused to connect to 'https://px.ads.linkedin.com/wa/' because it violates the following Content Security Policy directive: "connect-src 'self' *.hubspot.com *.hubapi.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com js.hscta.net *.google-analytics.com www.google.com maps.googleapis.com *.doubleclick.net".
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' static.hsappstatic.net; script-src 'self' 'unsafe-inline' *.hubspot.com cdnjs.cloudflare.com *.hubspot.net *.hs-scripts.com *.hubspotfeedback.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ maps.googleapis.com static.hsappstatic.net *.hs-banner.com *.hs-analytics.net *.hsadspixel.net js.hscta.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.com *.hsforms.net feedback.hubapi.com *.usemessages.com snap.licdn.com *.doubleclick.net; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.hubspot.net static.hsappstatic.net fonts.googleapis.com; img-src 'self' data: *.hubspot.com *.hubspot.net static.hsappstatic.net *.hsforms.com *.hsforms.net js.hscta.net *.linkedin.com www.google.com maps.gstatic.com maps.googleapis.com; font-src 'self' cdnjs.cloudflare.com *.hs-banner.com fonts.gstatic.com; connect-src 'self' *.hubspot.com *.hubapi.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com js.hscta.net *.google-analytics.com www.google.com maps.googleapis.com *.doubleclick.net; child-src 'self' *.hsforms.com; frame-src 'self' *.hubspot.com *.hubspot.net *.hs-sites.com *.hsforms.com *.hsforms.net play.hubspotvideo.com www.google.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hubspot.com
cdn2.hubspot.net
cdnjs.cloudflare.com
connect.facebook.net
cta-service-cms2.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
perf-na1.hsforms.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
static.hsappstatic.net
static.hubspot.com
threatfabric-6701575.hs-sites.com
track.hubspot.com
www.googletagmanager.com
www.linkedin.com
www.threatfabric.com
connect.facebook.net
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
104.16.192.117
104.17.25.14
104.18.160.125
104.18.88.62
13.107.42.14
199.60.103.2
2001:4860:4802:32::36
2606:4700:4400::6812:22e5
2606:4700::6810:6efe
2606:4700::6810:7574
2606:4700::6810:8dd1
2606:4700::6810:a0a8
2606:4700::6811:ae5b
2606:4700::6811:e4a3
2620:1ec:21::14
2a00:1450:4001:809::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2008
2a02:26f0:3500:16::215:1490
0adb227efa2074c6ae2b5e686cf4d1949a6edfc05bd56fa81e34c9a2c69fb50a
0d65652e4a1175891a46374d16ec569329b2e667eedb5770ce7ce193fd8fd41a
115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491
1963c1ca8e348356f2dd5442d4a96fb1aacf9d7366eabb24d122f38753cab4cd
1cd47f9815f3d112d4a99d4f88bc764a5edfe932fa5ec251829f7e2f5a25d05c
24ff2277e918bba1af6262f196757d83d3700f77029576dda90fd36b14858731
2a0581af9cdf2d6657ca04dd6b161431278711792140219fe4ac659c5965d5fd
2d5c291cc9ce12740d42109fbf4384252918103351a98793ffa71f764ea3e4cf
401925a1114f7003121630392768d35516be54a4028f01024528aeae99a45a56
42db2b6421ba0667a52a6f929b6f61decd0a6efd16ac1bde0701bcc0e132d4ea
4554c59ffaf9a86e08194f2af04f58a31cc3eff5fc829869cfcaf1b90e7fda5c
4c19b3e1b4412d65f2867422b94958aef88fb30739eb739e2c7dc2ea53dc0e38
5172f440714da51e243a13e0f93911405618326b2013313b682caa428c47e6ef
57a5da7ac787966a0343f72308a274a6efbe29b054c45a39006d357f9a7dd4db
5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448
62837a59bd4f970b87ab8e17e13820d4a84f031e02fe441e158435536d272c2a
639127081177ea5058409066f97e84fb8ffdad426754956248f4ed77b45bd606
6685b4f71edb4ae81b8a710e36f8c794c3e731feeb17614e476daf056b06a824
66e9a17c05981ae02d122a6845f9f904f13edeae0973af6fdbc44bb77ee5bbf0
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bcd46c35e32ebba8e79aa915a5cb5d551c098fb013d4f921f09619bc59fb9ee
6c96eab438c4bc128f862f0556046760cb4893c65e60247343285134c358a7eb
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
74c17452683150ad0f623fdd9a849ba85d73fb9d221cebe9aa11db52969dbe23
863886e2347be57cf71d7ed3fc614593e94bbce61858cd8c0761ba7a78d2ace4
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
8ba0fb7eb234cf14effdb01366ff010b301b24cf0a1fb044c4be2c4721d72603
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
928e23e6b9fcef82c5f1d1f05b6f7fc5a6e187c60195e59fbf16fc9d071ee057
9ee5c21fba72db5037f82a272693e5db4bb73ab1059a340dcffc9bee28f670c1
a924c55af6e42515871fdd850703bea91aedd280d30febc3ddc9f674df234785
ae37720bad220c27736f9097566e8cec3bce2f45d980f509c193f54d6d4aea59
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b023c3b26ca69356ad0aa6b6296d5e6a337ec10ca1f8275483437202a03c381c
b754a50214c3af13ad5b80267b36a52a379030f4cdf28ea62bdc23121fb63963
b7b87f1b48aa75784afb205b3d567664641bc056af2e20b5873da2c90605b7d2
c16d59010b5c7bc246cc28fa0b991da4aaf6ed332f99940a4d5bd29de1ad43de
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c564955dad803a6139bc52a7d05b9fcceeec494e5aced6e9db08d20d8ff076ee
c917923119f99ca28c29eca25a2a4a9606edd23f26633bab2e212ce053dd5f1c
d92c25b1d90bdf3fb25373c5e3de35b1256f47a96575d58b4e6ae10be499d76d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc377d0b25d1c78cd2fb2d8c9b3cc8fe12db24bd47084deda1129905ca256099
e082d568fb44df37fa453a514a8e553c889abe144c5c73866c1f020e4ccfbc49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef25a2301c54ff6ac035bd64f30ef99c65c917184ab36331b867c2a75314476e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52
fa7fe4fd0aef1b94a3910f43b99060d1fcf2b12302726c4f52146ca1f613e516
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc
ff2917ed998d8092726afdb4591687d4f95a04ba8799c69f3266794c808411a3