www.humansecurity.com Open in urlscan Pro
199.60.103.227 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Submission: On August 30 via api (August 30th 2024, 2:11:30 am UTC) from TR — Scanned from CA

Summary HTTP 144 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 50 IPs in 3 countries across 37 domains to perform 144 HTTP transactions. The main IP is 199.60.103.227, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.humansecurity.com.
TLS certificate: Issued by WE1 on July 8th 2024. Valid for: 3 months.

This is the only time www.humansecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	199.60.103.227 199.60.103.227	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:21f... 2606:2800:21f:edfc:49f9:c096:a5a7:75f2	15133 (EDGECAST) (EDGECAST)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:ac5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:33:3... 2620:1ec:33:3::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	104.18.37.212 104.18.37.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.64.68 142.250.64.68	15169 (GOOGLE) (GOOGLE)
2	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
11	23.34.59.33 23.34.59.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:6::17df:d149	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:1eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4869	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.204.6.193 23.204.6.193	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:141b:1c0... 2600:141b:1c00:30::1739:5a6a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:220... 2606:2800:220:131d:1d30:1f1d:238b:1e56	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
1	34.229.104.150 34.229.104.150	14618 (AMAZON-AES) (AMAZON-AES)
2	52.73.117.16 52.73.117.16	14618 (AMAZON-AES) (AMAZON-AES)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:8d11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
2	142.251.40.227 142.251.40.227	15169 (GOOGLE) (GOOGLE)
7	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
1	142.250.81.232 142.250.81.232	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.118.43 104.16.118.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	34.249.205.38 34.249.205.38	16509 (AMAZON-02) (AMAZON-02)
3	142.250.81.238 142.250.81.238	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:2e::17d1:48d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.248.142.121 13.248.142.121	16509 (AMAZON-02) (AMAZON-02)
5	104.18.89.62 104.18.89.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:28b... 2600:9000:28b2:f200:9:14eb:6280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.164.96.18 18.164.96.18	16509 (AMAZON-02) (AMAZON-02)
144	50

28 199.60.103.227 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.humansecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:21f:edfc:49f9:c096:a5a7:75f2 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ac5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:3::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.64.68 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.162 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.34.59.33 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-33.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:6::17df:d149 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1eb0 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4869 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.204.6.193 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-6-193.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:30::1739:5a6a (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

client.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.229.104.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-104-150.compute-1.amazonaws.com

s.cdnsynd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.117.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-117-16.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8d11 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.227 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxxdhgmtcm.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collector-pxf69i9fy8.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.118.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

001-vjx-104.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.205.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-205-38.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.81.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:2e::17d1:48d1 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.142.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.89.62 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:28b2:f200:9:14eb:6280:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2i34c80a0ftze.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.96.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-18.jfk50.r.cloudfront.net

st.fullcircleinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	humansecurity.com www.humansecurity.com	251 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 12402 c.6sc.co — Cisco Umbrella Rank: 16017 ipv6.6sc.co — Cisco Umbrella Rank: 12823 b.6sc.co — Cisco Umbrella Rank: 6896	21 KB
9	px-cloud.net client.px-cloud.net — Cisco Umbrella Rank: 8932 collector-pxxdhgmtcm.px-cloud.net collector-pxf69i9fy8.px-cloud.net	141 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	248 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481	3 KB
5	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 20878	62 KB
5	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 34577 ws.zoominfo.com — Cisco Umbrella Rank: 10891	33 KB
5	gstatic.com fonts.gstatic.com	106 KB
5	linkedin.com 1 redirects platform.linkedin.com — Cisco Umbrella Rank: 7061 px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	163 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 238	88 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	408 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	19 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 28532 scout.salesloft.com — Cisco Umbrella Rank: 36652	4 KB
3	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 19182	2 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 15834	4 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
2	fullcircleinsights.com st.fullcircleinsights.com — Cisco Umbrella Rank: 304246	2 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 18992	716 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 9677	127 B
2	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 10634 track.hubspot.com — Cisco Umbrella Rank: 5359	2 KB
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1868	28 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	89 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 8471	6 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
1	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 7038 cdn.acsbapp.com Failed	95 KB
1	cloudfront.net d2i34c80a0ftze.cloudfront.net	11 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 8904	171 B
1	mktoresp.com 001-vjx-104.mktoresp.com	318 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	304 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	25 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 11009	92 KB
1	cdnsynd.com s.cdnsynd.com — Cisco Umbrella Rank: 15675	64 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	28 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 12087	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
144	37

	Domain	Requested by
28	www.humansecurity.com	www.humansecurity.com cdn2.hubspot.net
9	b.6sc.co	www.humansecurity.com
9	cdn.cookielaw.org	www.humansecurity.com cdn.cookielaw.org client.px-cloud.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com client.px-cloud.net
5	cdn2.hubspot.net	cdn2.hubspot.net www.humansecurity.com
5	fonts.gstatic.com	fonts.googleapis.com
4	ws.zoominfo.com	client.px-cloud.net
4	collector-pxxdhgmtcm.px-cloud.net	client.px-cloud.net
4	www.googletagmanager.com	www.humansecurity.com www.googletagmanager.com www.google-analytics.com
3	collector-pxf69i9fy8.px-cloud.net	client.px-cloud.net
3	js.hs-banner.com	www.humansecurity.com js.hs-banner.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	tracking.g2crowd.com	www.humansecurity.com tracking.g2crowd.com
3	js.zi-scripts.com	www.humansecurity.com js.zi-scripts.com
3	bat.bing.com	www.humansecurity.com bat.bing.com
2	st.fullcircleinsights.com	d2i34c80a0ftze.cloudfront.net
2	epsilon.6sense.com	j.6sc.co
2	www.google.ca	www.humansecurity.com
2	analytics.google.com	www.googletagmanager.com client.px-cloud.net
2	td.doubleclick.net	www.googletagmanager.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	platform.twitter.com	www.humansecurity.com platform.twitter.com
2	connect.facebook.net	www.humansecurity.com connect.facebook.net
2	client.px-cloud.net	www.googletagmanager.com www.humansecurity.com
2	munchkin.marketo.net	www.humansecurity.com munchkin.marketo.net
2	googleads.g.doubleclick.net	www.humansecurity.com www.googletagmanager.com
2	www.google.com	1 redirects www.humansecurity.com
1	acsbapp.com	www.humansecurity.com
1	d2i34c80a0ftze.cloudfront.net	www.humansecurity.com
1	track.hubspot.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	content.hotjar.io	script.hotjar.com
1	001-vjx-104.mktoresp.com	munchkin.marketo.net
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	app.hubspot.com	www.humansecurity.com
1	js.hs-analytics.net	www.humansecurity.com
1	js.hsleadflows.net	www.humansecurity.com
1	px4.ads.linkedin.com	www.humansecurity.com
1	script.hotjar.com	static.hotjar.com
1	s.cdnsynd.com	www.googletagmanager.com
1	scout-cdn.salesloft.com	www.humansecurity.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	j.6sc.co	www.humansecurity.com
1	cdnjs.cloudflare.com	www.humansecurity.com
1	static.hsappstatic.net	www.humansecurity.com
1	fonts.googleapis.com	www.humansecurity.com
1	platform.linkedin.com	www.humansecurity.com
0	cdn.acsbapp.com Failed	client.px-cloud.net
144	52

This site contains links to these domains. Also see Links.

Domain
docs.humansecurity.com
partners.humansecurity.com
www.facebook.com
twitter.com
www.linkedin.com
linkedin.com
t.me
support.humansecurity.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
www.humansecurity.com WE1	`2024-07-08` - `2024-10-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2024-06-13` - `2025-06-13`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
hsappstatic.net E5	`2024-07-06` - `2024-10-04`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
zi-scripts.com WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
6sc.co R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
g2crowd.com WE1	`2024-08-21` - `2024-11-19`	3 months	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-20` - `2025-04-19`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
client.botchk.net R11	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-08` - `2024-09-06`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-08` - `2025-07-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdnsynd.com E6	`2024-07-27` - `2024-10-25`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-08-27` - `2025-02-27`	6 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
hsleadflows.net WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2024-08-16` - `2025-09-15`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
zoominfo.com E5	`2024-08-14` - `2024-11-12`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-04-23` - `2025-05-22`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
acsbapp.com WE1	`2024-08-18` - `2024-11-16`	3 months	crt.sh
aws-st.fullcircleinsights.com Amazon RSA 2048 M02	`2024-05-28` - `2025-06-25`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Frame ID: B70DBD0F74A90BF3470294C1617691AE
Requests: 136 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/878225418?random=1724983880862&cv=11&fst=1724983880862&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48s0v9102558839z8830094232za201zb830094232&gcd=13l3l3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&hn=www.googleadservices.com&frm=0&tiba=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&npa=0&pscdl=noapi&auid=2028744126.1724983880&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: F2470DCED72AFB5194D22F7C70F560D3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-59DHKRCY6M&gacid=1365157230.1724983881&gtm=45je48s0v881684866z8830094232za200zb830094232&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=357135770
Frame ID: 578C1081CCF60DBC475201CCCA448442
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.humansecurity.com
Frame ID: 0A0DBD8533458FD7DDE05148B9F79E6F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Satori Threat Intelligence Alert: Camu cashes out ads on piracy content

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Lightbox (JavaScript Libraries) Expand

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

144
Requests

95 %
HTTPS

51 %
IPv6

37
Domains

52
Subdomains

50
IPs

3
Countries

1969 kB
Transfer

5988 kB
Size

36
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.humansecurity.com/
Title: Documentation Details about HUMAN's products and interfaces.

Search URL Search Domain Scan URL

URL: https://partners.humansecurity.com/English/?ReturnUrl=%2fEnglish%2fPartners%2fhome.aspx
Title: Partner Portal Log into the HUMAN Partner Portal for collateral, documentation, and other partnership needs.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/secure_with_human
Title: This is a title This is a subtitle Some content goes here..

Search URL Search Domain Scan URL

URL: https://twitter.com/SecureWithHUMAN
Title: This is a title This is a subtitle Some content goes here..

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/humansecurityinc/
Title: This is a title This is a subtitle Some content goes here..

Search URL Search Domain Scan URL

URL: https://docs.humansecurity.com/media-security/ivt-taxonomy
Title: IVT Taxonomy

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Social%20Share%20Buttons&url=https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Search URL Search Domain Scan URL

URL: https://linkedin.com/shareArticle?mini=true&title=Social%20Share%20Buttons&url=https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Search URL Search Domain Scan URL

URL: https://t.me/share?url=https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Search URL Search Domain Scan URL

URL: https://partners.humansecurity.com/English/?ReturnUrl=%2fEnglish%2fPartners%2fhome.aspx&__hstc=233546881.7f9124919ef436acf331cc4180a46d72.1635342799936.1648671054706.1648675289816.112&__hssc=233546881.12.1648738104896&__hsfp=1741684099
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://support.humansecurity.com/hc/en-us
Title: Docs

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/humansecurityinc

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.google.com/pagead/landing?gcs=G1--&gcd=13l3l3l3l5l1&tag_exp=0&rnd=899758141.1724983880&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&dma=0&npa=0&gtm=45He48s0n81KVP42DDv830094232za200&auid=2028744126.1724983880 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=13l3l3l3l5l1&tag_exp=0&rnd=899758141.1724983880&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&dma=0&npa=0&gtm=45He48s0n81KVP42DDv830094232za200&auid=2028744126.1724983880

Request Chain 69

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1755754%2C5211716&time=1724983880792&li_adsId=add579ea-b309-4b30-8374-4316292c2f83&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1755754%2C5211716&time=1724983880792&li_adsId=add579ea-b309-4b30-8374-4316292c2f83&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&tm=gtmv2&e_ipv6=AQJT4HzAb3FFGwAAAZGhDSzZvfaklpHfC8DAAF1-19l989ByLUTApor9XMQmFFFP5nLKGJtjAg

144 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content Show response
www.humansecurity.com/learn/blog/ 204 KB
23 KB 190ms
82ms Document
text/html 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cacf0cf645c21d4537ec12d2f77794bce33f3b0090376a04bf8e4fd952f1513

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 8bb13fdddd4036c5-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 30 Aug 2024 02:11:19 GMT
edge-cache-tag: CT-128929315203,CT-160559355208,CT-172769674525,CT-176829247902,CG-5249379964,P-3400937,CW-120410438969,CW-123754977913,CW-166526026759,CW-63656548895,CW-63656638135,CW-63656840557,CW-64556607012,E-115294898870,E-115307132989,E-115307516677,E-115387395449,E-115388248694,E-115450692019,E-115451707707,E-120377909830,E-164610244707,E-164611792452,E-164742850616,E-164742903989,E-166527373913,E-166942765475,E-63463820289,E-63463820290,E-63463820292,E-63463820302,E-63656499996,E-63656586570,E-63656625716,E-63656674711,E-63656841263,E-63656841264,E-68518573488,E-91065958246,E-91065964034,E-99901597287,RA-170315478827,RA-171495719182,RA-172012720271,RA-174301124992,PGS-ALL,SW-3,GC-166536734550,GC-166958618433,TS-63463820311
last-modified: Thu, 29 Aug 2024 10:46:08 GMT
link: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpJDm13by7Zy0IvuIdSEmlRBCKvpwJ8uXobuiWsvJYt%2B30x55p9QKjOgGbEt1QTEZlE8uTRhQuQ1L4zF%2F4AG1dXc7ZDosquHKdAwNtMKE%2Bl74oYpN6jajkstwt%2FAHlGM6LYBFKXFyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-id: 176829247902
x-hs-hub-id: 3400937
x-hs-prerendered: Thu, 29 Aug 2024 10:46:08 GMT

GET
H3 200 project.js Show response
www.humansecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 54ms
53ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:19 GMT
content-encoding: gzip
via: 1.1 8f20ff24dd415d652c896cb797feb54e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 15841199
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Miss from cloudfront
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqwHnU9kA5Yd18byjQWNDMKqv9fS2rM7JEOzg1rXO9T7%2F2e9EYO8XGPuczhSCOrLHxO3ksXQHE%2B1GpUPOpm3kdzGGKB8Bsubkj7ZFPurdc0H7Ub66OdYUr47ohiqImR%2BvZa1UO6%2BSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8bb13fde7dc436c5-YYZ
x-amz-cf-id: rj4GCUtIGxdijvMpQnQ9llcdO2a13AZMNLGn8BVHpymZRGg36kEVIg==
expires: Sat, 30 Aug 2025 02:11:19 GMT

GET
H3 200 frontend.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63656586570/1698698464930/humansecurity-hs/punch/assets/css/ 43 KB
9 KB 82ms
82ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63656586570/1698698464930/humansecurity-hs/punch/assets/css/frontend.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

afff892691aaab5f3a2c411cb09a2674006120f314eb8ac1fc6efb8c66a1c353

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 1165
x-amz-request-id: G71ERKK9X0FQAPA1
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b77d3abc0b9bf83fbcfd36a5a1e3ea4c"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698698465825
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: GaNibL_2mws_6v_lkcwwJfeo4CxpHPWp
x-cache: Miss from cloudfront
x-hubspot-correlation-id: be9c8826-3bcd-4f91-be75-89cbe30af988
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 181
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iQi5780TLNzNwV7ABIF89jKKYIxaFsr0FSdXOqGk4H30+A7IP7PJh9pbxX1zBWYcwEFPpEsKonObsNFmg2oKiQ==
x-evy-trace-route-configuration: listener_https/all
x-request-id: be9c8826-3bcd-4f91-be75-89cbe30af988
last-modified: Mon, 30 Oct 2023 20:41:06 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHSFFLXaeLe%2BnZRZ613Q%2Bw3SheYDidQD5EedsyzklttKQRPCzHrZEtLDiN9f5hArUDoo1bXy9zDKw7d%2FeVHRmqrcnmACCuR2ms%2FLHKA2BgYNUkRuIDkzabZ5D5sfMW7pV4Ac%2FY2RGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-b2s92
access-control-allow-credentials: false
cf-ray: 8bb13fde7dcd36c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: L7J1676QX4ek9bt3eCkH9zslC73jkmpSrIOggslF3o3lO0OX-_vPwQ==

GET
H3 200 variables.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63463820290/1693233181263/humansecurity-hs/assets/css/dist/ 0
1 KB 83ms
80ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63463820290/1693233181263/humansecurity-hs/assets/css/dist/variables.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
age: 1165
x-amz-request-id: 8HR5K6H3YVDQ5FQP
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693233181849
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 ed8e6c4476f2632eef2c7ce856161af0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: PVtlsZaAUzw31xbOkIyAmX4R8T95ZDvv
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: c5e47e35-fbe0-4d9d-b700-472066e10019
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 193
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-id-2: vf/Et3tfFrKDN+qRHL9tRh5hptpMYr83x+RpN4OEGWyMZH5vFWChdOXW7kiwryF8c+m5wZj34L42Vd+tFY7jMbnmyT3UNdlqlYF3JZ1Yb14=
x-evy-trace-route-configuration: listener_https/all
x-request-id: c5e47e35-fbe0-4d9d-b700-472066e10019
last-modified: Mon, 28 Aug 2023 14:33:02 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LzDz%2FqDwqI%2FMY1tk5p9eIO%2FHO6PQ72PQcdalR9%2FEqwoF0iI7wSGRJWlFhPorkyJPzpMlg2m4YEsRB%2Bsmpg9Oy5WF2sgoFA6%2F7%2BE5eTHbwdgiWTJ6bJX3zsV%2BVrP%2FKR%2Bzfh0DN8lDjw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 8bb13fde8dd336c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: Cx-TYhN3GwAKO6fcb9ZejJpDoRZwPq__Kt5W5CqL46-ja9rX4Xvi_g==

GET
H3 200 main.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63463820289/1715786988598/humansecurity-hs/assets/css/ 79 KB
22 KB 106ms
102ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63463820289/1715786988598/humansecurity-hs/assets/css/main.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0392294081a8113d3c077796594484f5354ebb23b518d3337738015bddb70aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 1165
x-amz-request-id: A2N88TR11KEJ824P
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"47787750df632993e786b00ce189b343"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1715786989545
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 e71ab653feb8332f51edf19089ecf9fc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD55-P4
x-hs-alternate-content-type: text/plain
x-amz-version-id: SAEe3SNv3Lb1_ysCcV6bfhvdbJ82X__.
x-cache: RefreshHit from cloudfront
x-hubspot-correlation-id: d4b8ce20-ac79-450c-b0a4-ac5f07f2db13
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 176
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ncfdwU7taJbZ3IKP7o8Y3tr8UyviiFdSYX6FmSvjLBcbcuWtzUXSwbxS3Wk76ZLRF7868jxvgQk=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d4b8ce20-ac79-450c-b0a4-ac5f07f2db13
last-modified: Wed, 15 May 2024 15:29:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQgVvCqlc8GE3agTQyEJm0q15STTZOlvRMyMXB5pqmjhgPc7%2BTjIQtqds1gz%2Fei%2BcFZrpSUef0vlx80QlRDmgicuRg1i19j%2BoK3Lj0tQ9lyCjqy9tINmmaGfPy616MX2mhefb5B4AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8bb13fde8dd436c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: bqhuTaM-eBxLgifJ6n1JSBVjkFOd2Q04Mq-YT99o5jh6Eebl-imwww==

GET
H3 200 single-common.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115451707707/1709753002216/humansecurity-hs/assets/css/ 16 KB
4 KB 131ms
127ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115451707707/1709753002216/humansecurity-hs/assets/css/single-common.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

81f2e0a9e0cbb9cfcb5d72f56f4eff056370ddd14104251fc7066a8f7d641828

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: TD9P9PBBZWP80RVQ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"49aab6c32e04790c0f1e45fad3996b2b"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1709753002890
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: TDjcu_c8CPezB1bGaaBBUci0M.U7cgii
x-cache: Miss from cloudfront
x-hubspot-correlation-id: 518df720-5932-4497-82e8-a724859d7b4b
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 161
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KJ0e1GSrJ9LsCCOfwJOJrpH3F2Dr3L04Gn9pxBd3MZvFYOdleDEGh9BFh/axFy9PcOpaZKG7dD5Vx1WjzLNj78XFM3OwsYaxa6F+A8gZ0jw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 518df720-5932-4497-82e8-a724859d7b4b
last-modified: Wed, 06 Mar 2024 19:23:23 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZ8lXLLdhmhov%2BG83PyAPT7CI%2B7YaqEaaLZSQ335bZu4MSZQiOW6743XjPJJ22OGdXO%2BVcLRe1KJIzH0N16OWGnzsbUUM5kBks8YHCET7iUgpL9AYDSGYjZA%2BXPvNMTScZWRoJupxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8bb13fde8dd736c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: 7jzu9U227TWnNOwgx2-igAOak85Bp4OF1LW7UQck2RakwQd0rLxNtA==

GET
H3 200 module_166526026759_header-menu-v2.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/module_assets/166526026759/1716224039145/ 843 B
2 KB 141ms
138ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/module_assets/166526026759/1716224039145/module_166526026759_header-menu-v2.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f684971a6600c115bd3d3102c43a0b09ad5a1a3c45a818269445ba888ce8d58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1165
x-amz-request-id: R0HX2QWRTWY349VN
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"6805cf8d57acac50bb55afbe7921aa0e"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1716224039145
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 7f7e359e1c06a914d3d305785359b84c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: BzbKtMItj7hwZxg5bjmqXnlAHwZPHzBN
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 6937b868-f0fc-4618-8d2b-de9ad651d2f8
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 205
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5Yduje251KON8jVi5ti/L9nCsADH0JUIzX/akwuVSE3Hj14iU1F/wo7UUPIRTGyyOgqG+lCcW4A=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6937b868-f0fc-4618-8d2b-de9ad651d2f8
last-modified: Mon, 20 May 2024 16:54:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5L4gbultP%2FcP70Kv2ZfkQaRjFKK7JnbsqvKeP71ro6VoBVdDQcHJMMRB%2Fc%2BhJGCd1APFkgqsW1m4%2BM22s%2FW%2F9e29CPafUUECLvS4RdfG6wd032ChNteS%2F1%2BFIjK3ESN8aHDjLK8Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-5f7r6
access-control-allow-credentials: false
cf-ray: 8bb13fde8dd836c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: IjPXMx0nDTF_0SPJRtCLVw5M5W8bpSR5yi08-1Vc0OtMgjdNbETaRQ==

GET
H3 200 owl.carousel.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/164742903989/1713364613685/humansecurity-hs/assets/js/owlcarousel/assets/ 3 KB
3 KB 138ms
134ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/164742903989/1713364613685/humansecurity-hs/assets/js/owlcarousel/assets/owl.carousel.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 1165
x-amz-request-id: JV49QW9HPBKYC7Y2
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b2752a850d44f50036628eeaef3bfcfa"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1713364613685
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 8f37d2a62fbfeba0212cd5ced67c0c16.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD61-P2
x-hs-alternate-content-type: text/plain
x-amz-version-id: lxA_FGpWvDSJaDwG1OPwtR8dnfjYrFcp
x-cache: RefreshHit from cloudfront
x-hubspot-correlation-id: 92d4bf7a-6d78-4072-ae75-461bc529367c
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 145
alt-svc: h3=":443"; ma=86400
x-amz-id-2: n6kNSnMjFrycTj+F+eKR37KfjLkxTGvy5aZKt5dr8NCDnQnN+ueMbDDbxFGI9+P5/MYZYaIso3GEXhm2b68vi3rJ0/nleGHk
x-evy-trace-route-configuration: listener_https/all
x-request-id: 92d4bf7a-6d78-4072-ae75-461bc529367c
last-modified: Wed, 17 Apr 2024 14:36:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2S0Ey5tk%2BNraMgpNTAe0pyb3bhikmWKdS1DC710KK9HbRWMcW%2BeA%2Fs3hIOrrVNqaha579ceItPCpuKH1wzBGMmn%2Fzf4F7LT22ld74Pd29fxz45cVLxM88NtvTbJwnUm4Bb0F%2FNp51g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8bb13fde8dda36c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: U_wVHeCd0RvWZa8xLu2rst2-AfXEvDP1m-89XH-16_RN08vRpNZCbA==

GET
H3 200 human.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/164611792452/1723893211195/humansecurity-hs/assets/css/dist/ 56 KB
14 KB 87ms
84ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/164611792452/1723893211195/humansecurity-hs/assets/css/dist/human.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a955245e5e007bcd6faa68ebff9026e70a9abc08495ab6f32eb992017d90dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 1165
x-amz-request-id: T07E68PJ1NPTY3R5
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"35e5d326ace57eaefb2f262e566c13fe"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1723893212280
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 5eb5e19c1a78889d10ff38f1551ed2aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: OLH5rlxZb31TQHmVwV9W_A8uHan.FYum
x-cache: Miss from cloudfront
x-hubspot-correlation-id: 0e0518f6-176f-4558-b132-35bcab66c4a4
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 173
alt-svc: h3=":443"; ma=86400
x-amz-id-2: v8KH8SFk1b3nQa7IEp3KE2vhKnek3dtA6cAGSPZBpRpmvOyyHioUH1vxG7WSKvtWKcnxWgBVzyM=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0e0518f6-176f-4558-b132-35bcab66c4a4
last-modified: Sat, 17 Aug 2024 11:13:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1a25QA24DD%2BQMZeEUoxkac%2BlMaXNMopu2WnCMT%2FQy4TW1CYOBLnCHC8BzTa8GDdZ%2Ffuz3sbg8K2THlNPj7QEPBzHjARD7bQNCYpBUb7dL3LSVbjk3k0x%2BogOqPprkNhW43BTLRP%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-b2s92
access-control-allow-credentials: false
cf-ray: 8bb13fde8ddb36c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: 7ZNz_iCfWWRNYXrTb1nKNiU0s3mOnB28AZqryWfF4j1Snrprb-LFVA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
116 KB 205ms
80ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KVP42DD

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4651c8713aee0c750d4cdd973975985e3642666f5a2c41f49a9f1a32b9608342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118202
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 00:29:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Aug 2024 02:11:19 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 223ms
27ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 02:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: p+39a+/XEcZfNKybQjgXjA==
age: 42675
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 28 Aug 2024 02:28:29 GMT
server: cloudflare
etag: 0x8DCC7091A7F0929
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b02628b3-d01e-000e-617a-f97f81000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb13fe1e815713c-YUL
expires: Fri, 30 Aug 2024 14:20:04 GMT

GET
H3 200 prism.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/91065964034/1693233180291/humansecurity-hs/assets/css/dist/ 1 KB
2 KB 139ms
136ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/91065964034/1693233180291/humansecurity-hs/assets/css/dist/prism.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b17ad6eab5f71934277721a0558d12da27ef1c1d7688d3dc8e8440165902526b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: TD9YA7ZQJ297N399
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"9f0794436f73e871f1d234b0aed34aaf"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693233180994
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 824fe21e467658628899bdd8725649ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: 4AdoQ1qbFlghg5XDq_6m5FKyZgIg_9_9
x-cache: Miss from cloudfront
x-hubspot-correlation-id: 5935e731-7be7-471f-b0bd-6bc6afdca7f7
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 152
alt-svc: h3=":443"; ma=86400
x-amz-id-2: arCLVziG4PZvBuNmVXCJp7MpQ6Vohs9AitouY9vkCI6eMLYqyEqQ6EpUpzNhU3j8D9GvLx9mp9Q=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 5935e731-7be7-471f-b0bd-6bc6afdca7f7
last-modified: Mon, 28 Aug 2023 14:33:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnRW1U7vAloaC2uJZn5H56sfAlr1AdwX9WW5gZbee07MPFJlbQkI0pdqsk5id5Rryyzw7Co90lAN9pyrxxZsYTLW1HF8hjEqanl1HsyV61jVDKVSiTkixF4A9GFG2978NUyZXG8xCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8bb13fde8ddc36c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: qPIzfQXlBGzLZqw8SFg5lIAFtP3kXgseHcwku-Pqrd4Jd1kbzd4wSg==

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 175ms
29ms Script
text/javascript 2606:2800:21f:edfc:49f9:c096:a5a7:75f2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:edfc:49f9:c096:a5a7:75f2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D173) /

Resource Hash

87d049fc6d16da1f81063235c0e3d31a4656800cbbdca8277d6ae56614a52aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 3122
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163630
x-li-uuid: AAYg3GFENVumwix/K6vsgw==
last-modified: Fri, 30 Aug 2024 01:19:17 GMT
server: ECAcc (nyd/D173)
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Fri, 30 Aug 2024 02:19:17 GMT

GET
H3 200 js.cookie-min.min.js Show response
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/120377909830/1693233183213/humansecurity-hs/assets/js/dist/ 2 KB
2 KB 152ms
150ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/120377909830/1693233183213/humansecurity-hs/assets/js/dist/js.cookie-min.min.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cac5e10bd3d5631c178a838d415c28b126daca61e10e81e6dc36aa18919174f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1165
x-amz-request-id: PFT9EKC4Y1B1B5DR
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b2d77f293176c0278a1d65d5afe1d1b9"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693233183379
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: LVKDx31g5hiRxJMSIPYCqKTZgOeBIIto
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 9f4b3053-3eb4-4fd7-983e-9e1169308f77
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 176
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0OlTjSSmWiatL2EgH5ZAbw1bbpiPGAodzuIIRhxgOkDMm71dkefCADCkeS5u7rEskwgNBf6vO76f4xD5eV/Hyw==
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9f4b3053-3eb4-4fd7-983e-9e1169308f77
last-modified: Mon, 28 Aug 2023 14:33:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfFWuZPsqCuWHzY4uGtMjakDeShi3yMJAHwSoBnA5y9hNX5KanOx28p0kNWKJk9MotxVhhdw2KoJY1SvJeCW4jkDzKygQwGP8evAO%2BN%2FudKslNft%2B2aL4Pv7KjclpMSurP%2FCWE3yrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8bb13fde8ddf36c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: Cf93sz_oaE4095RW6WCJRJwMgxBOIPKTDybrsei0SFldUlNm1GqAMg==

GET
H3 200 header-lazy.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115388248694/1709752515544/humansecurity-hs/assets/css/ 62 KB
8 KB 152ms
151ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115388248694/1709752515544/humansecurity-hs/assets/css/header-lazy.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92cde36d24b66c5bb39231c290e47319cc207455557a1c4ddf0b1c584422db77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
age: 1165
x-amz-request-id: X7G0DJ5YPQ34C7Q9
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"ab9f490b09044ac8accc7cd47c303436"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1709752516468
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-amz-version-id: _V.JkPAY5XMXY1FxwyxeMEqz70RyFn88
x-cache: Miss from cloudfront
x-hubspot-correlation-id: 6a7e5b41-1435-45f4-9d9a-b2764d65be5d
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 205
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RnTAzO67+Q6MxeWeYGRJu8VDZTWha+izr3um4vv51gHGciOB2e8CmA2r4uecmrAeAL3elKqitc8=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6a7e5b41-1435-45f4-9d9a-b2764d65be5d
last-modified: Wed, 06 Mar 2024 19:15:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9aUnyj7gLouPUK%2FVCohhMY194bAjoeS0tLU4uT5dxFpgpHwEwBUP8bNE0y3MzU8BtbN7W8wBXk%2BQUvqm%2FJuufrtnWY7GSyh33TQlxL0U9HLKqYGW01FqjHOFgq8asAXbtwVO4bGM2g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8bb13fde8de036c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: tPBF7Ui4It8unVSfDZj8p0XO91JyEbcsKMehitNWcHfy2PRxAaGFRA==

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 158ms
79ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500;600;700;800&family=Barlow:wght@300;400;500;600;700;800&display=swap

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63463820289/1715786988598/humansecurity-hs/assets/css/main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1bb0e098f5a598b1a0dbd04775c38b0421251adda71dfc6cd7ae673e710da874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63463820289/1715786988598/humansecurity-hs/assets/css/main.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 02:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 02:11:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Aug 2024 02:11:19 GMT

GET
H3 200 shield-1.png
www.humansecurity.com/hubfs/ 7 KB
8 KB 100ms
99ms Image
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.humansecurity.com/hubfs/shield-1.png

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

adfc35d72ea1d0feaa677acecd2dafad7fdda56b02a76d7f51ad1bc067c2d499

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-5862207449,P-3400937,FLS-ALL
age: 1211346
x-amz-request-id: EWP8AWFJ0ZZHSWX4
edge-cache-tag: F-5862207449,P-3400937,FLS-ALL
content-disposition: inline; filename="shield-1.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "a7f612073c41fe336a127bcdc8c85fb1"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 60d690eb8aefecb50f44bbe348e3804a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 9.gcTtGdad6IxMaTuMgRoNGBoTuxoK7p
x-amz-cf-pop: YUL62-P2
cf-polished: origFmt=png, origSize=12483
x-cache: Miss from cloudfront
cache-tag: F-5862207449,P-3400937,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 6658
x-amz-id-2: K7xQh+hiUmeIV63cJqWlJNf3eonZaLUEYmjVL81B7WXe3Hw7/usRnkXxWUiKh4eDsCn8rDYdAaA=
last-modified: Fri, 08 Jun 2018 19:07:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YirC4sUidaLkSNpJQei0PVpyuGtAOHRLYnML%2BetuBpDgM6bLl7TxraKgutn5rabUH4AM58NPJVlWFdesxEdblR%2BnDVnpuz4PgqFDQicbkZSWJFF1IgfZ3iU0%2BnITx485mDQytWX5LA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bb13fdf8eee36c5-YYZ
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: vnkn3XEI6j5qkfnVdAZ-g14N0bQ3OxTnHFDdTwLcQCnEhC9X1XF2fw==

GET
H3 200 HMN_082724_Camu_Report.jpg
www.humansecurity.com/hubfs/ 71 KB
73 KB 59ms
58ms Image
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.humansecurity.com/hubfs/HMN_082724_Camu_Report.jpg

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c782a3315b0801514925ec9113dbe28aed301b31bc2d5c592f71fe1f24b3e37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-176829729059,P-3400937,FLS-ALL
age: 49869
x-amz-request-id: 9TN3NK8EKVA6VYNT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-176829729059,P-3400937,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="HMN_082724_Camu_Report.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
cf-bgj: imgq:85,h2pri
etag: "dfd64b8586d006866843f78eecfbff27"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1724785606156
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 4ddbb91d7e6add1e8f16518c4898b310.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .4Dd6I8hD.2HD6GMzOjO_5TDxrsUwnT3
x-amz-cf-pop: ORD58-P2
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=351092
x-cache: Miss from cloudfront
cache-tag: F-176829729059,P-3400937,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 72850
x-amz-id-2: oIxsBLh8BkP+DzGJ9c5jJFFFpSsNorZzH3JEGXNVCbXs+4NTJPzse+IoXHXpeAgAQ8Ke581G7R0=
last-modified: Tue, 27 Aug 2024 19:06:47 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZkmnyCWCQXaPI%2BT9l7NEWImCnBQKrkldXD80pR6SYp2cKPdDBSZzCpdncqkXiiYDGBaLFsl3k8IRwSg3%2B0GlZGw0LV7gOQ%2FSfs4Y%2FmSp8OT6BQVVGs6jQaUWRP0frEOvybyRotwIw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bb13fdf8eef36c5-YYZ
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: wgloZSzT3q52Shfpr5vXS67CC8FkZNeUYlikMeFhUjTHVa2bWfQ83A==

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.971/ 13 KB
5 KB 278ms
83ms Script
application/javascript 2606:4700::6811:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.971/embed.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
x-amz-version-id: 1gm1MaaLzWiIBc2FerIVtLdckhSMSaY7
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 134f499632d1e15750219cb766bdc50c.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P3
age: 2381927
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jun 2024 15:05:39 GMT
server: cloudflare
etag: W/"26c40482b55a607cd44486a2958741d4"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bc%2BtirCEMhCVhQoaDptHTNEdPEjJnMtJHJwUypMePzy8U8rZIjFAqmkY1s0XNyqS3XMz%2FYZESNll6%2FTvBu%2FhDLhwmdX1N13DvUuMDV%2BFIYavF824FGSJ1ApgGSm17wtKdn6RCD93WWGYJhr0Jkvcah6b5LI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8bb13fe1efbfa322-YUL
x-amz-cf-id: fqAPCMeqLoMkrxRJevhbMo06l-AcAnhcxd1s1ByYBAycDcbzAp5vzQ==
expires: Sat, 30 Aug 2025 02:11:19 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 260ms
66ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3147875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwOmv3jiITkK0Zxhas%2FiG%2Fc4cbTwJUvJFqpFA0xx39NIix8wga%2BzxiO5BBuzbz0Mnc3rxdvKdRvyrwdR6Fm%2F7IUtJx3DLi4%2FQLy4p1TXk40lc9jCHVDEdfNbRt2Aswjk6uUAhymk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bb13fe17f21ac9a-YYZ
expires: Wed, 20 Aug 2025 02:11:19 GMT

GET
H3 200 3400937.js Show response
www.humansecurity.com/hs/scriptloader/ 1 KB
1 KB 176ms
171ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs/scriptloader/3400937.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d17bf625f9239f54a3960193a42a07053d7910ca7e755de801ff1a7de74d460

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 78212e8c-7f81-478a-ac03-77be4515ba4b
content-security-policy: upgrade-insecure-requests
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400
content-length: 602
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 78212e8c-7f81-478a-ac03-77be4515ba4b
last-modified: Fri, 30 Aug 2024 02:11:19 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-mcrfw
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3NpGPZfUJYvhEWsX8xXW4%2BCUvzYHWua3eph9NdzQTS1AmKdL8bMR9i7PV6fIFgH4JX99%2BNhOW%2Fw9uRm4sgdIXgAMjUs7n3oDmT%2BqY%2BE9jLENPNo4n%2BmxSYTxiXFVqWHE%2FBY%2BUqJOA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bb13fe0d81a36c5-YYZ
expires: Fri, 30 Aug 2024 02:12:49 GMT

GET
H3 200 index.js Show response
www.humansecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.354/js/ 12 KB
5 KB 174ms
169ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c7e51d284cd7256caf3bfebf641141876657ea0d6e5588ac7e69dce1e9cf7e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:19 GMT
content-encoding: gzip
via: 1.1 0f91ed4829273f42446b794a1f7e6414.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 629599
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Miss from cloudfront
x-amz-version-id: O3iI8Pl3bd7LIBbSsE98q3XHW8vfw5hp
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 20:24:20 GMT
server: cloudflare
etag: W/"3ef0deda0631561665e95645daf500a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hcRKtuQqPnMQvZd2zJ17avpHweJJtcSsi6TRZ4GtAKi9Q3Yr9XECZ7A3%2B4xkCBP67f84m9XvPom86L8Qkw6XNWVd4j9J%2BTgLq0IsCwQ7GcBjqZeGSOvtl1TFUanZRLkj9mVBXMO%2FrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8bb13fe0d81b36c5-YYZ
x-amz-cf-id: aldSjBz6gOVdfJbqboD7xnUaS0SRvO0-Ym-mgxv0wtepfxMDzsVsLg==
expires: Sat, 30 Aug 2025 02:11:19 GMT

GET
H3 200 prism.min.js Show response
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/91065958246/1693233184177/humansecurity-hs/assets/js/dist/ 21 KB
8 KB 171ms
167ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/91065958246/1693233184177/humansecurity-hs/assets/js/dist/prism.min.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

439042e0204db71db38bb4cbe130c3e520d35a14c2d9f65200308eaf1886eb64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: P7W4WA185SVKR45B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"e04540ffd56a0772a80fe4364a8bf233"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693233184509
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 c6b0d1d85b2590c57ac754bf9e61944e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: zkFy2U0v.jSQC8vEXzv06RDRCJ.ugkoT
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: e41d1350-a9c2-4028-957e-1943ed095826
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 172
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qQ2AP58W2AJOYF+Jfb5+Y4LVvtwTvCkI0gu9f78w/GGAwmmZ5mBzb4DImxPt1LDbUZjfAnm9XJRoYkRJ0AJk9o9iFTY6pk4m
x-evy-trace-route-configuration: listener_https/all
x-request-id: e41d1350-a9c2-4028-957e-1943ed095826
last-modified: Mon, 28 Aug 2023 14:33:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nli5PWcnYq7YMYHZ5a7POcCdhQmXrOV1pjKMxJEzKJ6Ou1KUGM293%2FQ3RpUWTh3UtX3CcuWx3OwbciXWZdzprICrfo8arkTg36ndVZKHiOBF4tobADniG8CrmzEG673U%2FOPpSHsFhA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8bb13fe0d81c36c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: R4Vswjr6kig5b80cSQ7cJsKV8i_T3toOaNOaN5pjXHeKsIV1CIp_Eg==

GET
H3 200 lightbox-combo.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115307516677/1698698455711/humansecurity-hs/punch/assets/css/dist/ 8 KB
4 KB 75ms
73ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115307516677/1698698455711/humansecurity-hs/punch/assets/css/dist/lightbox-combo.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

671367c3c0e84517f31e61945cd9ba416f89eb653dbc3c4d1828518ef5c627e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: TZ131Y0FQ4GM0G8T
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"3d743ab0a1949bb9ac17908aa63faff8"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698698456389
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 7b32163caf7e91fe96df7bbeaa58c0f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: ELy4NSaJEl78PQk9TJ5aF_svDOrYHxB1
x-cache: RefreshHit from cloudfront
x-hubspot-correlation-id: 6bd81934-ff69-4775-ab57-84e41278d41b
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 175
alt-svc: h3=":443"; ma=86400
x-amz-id-2: /FPrAIdWYZ8JumBoXN0B+J+rP4HxiwX0BT+WRUTXI3RN1xH4ThgTt+jvFBH5w33hhByGBzTxK6k=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6bd81934-ff69-4775-ab57-84e41278d41b
last-modified: Mon, 30 Oct 2023 20:40:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2Bpeo3Oq%2BePeZ4%2BZxZdJW%2BjTFQxxkpsAgwq%2BJ7nTkpPTUUnH0Sv353d50ra%2Fxp2LQi1Hv9II81Qa%2FyfB79xzAsNAQ37ITZV2TXXuUZUJD2SXe9K%2F0sOECnmGJCq7yZh9iJuD%2BAQH%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-nnksg
access-control-allow-credentials: false
cf-ray: 8bb13fe07fca36c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: uULPQqs0T37qdJrYjdy9OZxIPbj09nVrtO2eAEYd3TDGl5m2DKwJVw==

GET
H3 200 bulma-grid.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63656841263/1698698444648/humansecurity-hs/punch/assets/css/dist/ 26 KB
5 KB 186ms
173ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63656841263/1698698444648/humansecurity-hs/punch/assets/css/dist/bulma-grid.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

78142c1a0831423d3fee5308b442b24659445ac8d7c34b92bde6624cc012f4e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: J15MZDJKG4GVCX58
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"7e59b5a4545779f41e2037e047741bac"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698698445418
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: 9qYDnhWep0M62FVMJnv5CyhdEIgIEl8a
x-cache: RefreshHit from cloudfront
x-hubspot-correlation-id: b322451d-a349-46bc-b46b-6c499c148d6c
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 200
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1iCI7nRIw7bDtB9O9CpteMHzIkET8qf5L/+yvo21lFHH5JMuU3xv9WPimXc2y04sz6XmhMagDQU=
x-evy-trace-route-configuration: listener_https/all
x-request-id: b322451d-a349-46bc-b46b-6c499c148d6c
last-modified: Mon, 30 Oct 2023 20:40:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HqOg5xBZzqk1WOlHGaJWY5kNaP%2FBT5vcBsn7yHFeyOIo3FFVNCT1nFB3ZLj%2FO0nxY8cWGR5P8GLPYG%2FFuCVhT0G7uYB9KzZ427sBhnnYne%2FTrDae5GfK8Rrw7iSHfjTL4E8vpeoPrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-b2s92
access-control-allow-credentials: false
cf-ray: 8bb13fe0c80b36c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: nN0TzMumlywkhBvpl9OHBk5jjIG5HnpztOFX57WPBOyByUutMKiu9Q==

GET
H3 200 flickity.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63656841264/1698698444616/humansecurity-hs/punch/assets/css/dist/ 2 KB
2 KB 187ms
170ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63656841264/1698698444616/humansecurity-hs/punch/assets/css/dist/flickity.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d001801da9af0f66dfdc4b42a2a22ef3c91682ec36157d1e38c9c75e16bef6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: 6FFABPWY980JTA6G
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b75662d6f54e7a5c27d147376632748f"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698698445246
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
via: 1.1 6b7e1e42d74fd61097787cc6c1a37c34.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: Nbji9Bjxg49HIGnuSoWxjDbh9B0ruDRH
x-cache: RefreshHit from cloudfront
x-hubspot-correlation-id: 7e3cd374-5935-4281-b17f-c51d69721341
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 174
alt-svc: h3=":443"; ma=86400
x-amz-id-2: B4UE68yqdkYNMUhMn+CwpXa1Egm2NfhzgDyGp9i2OA6oACvs+1v73Dv22kSsW2s/xg/RMDfttmE=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7e3cd374-5935-4281-b17f-c51d69721341
last-modified: Mon, 30 Oct 2023 20:40:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kFE%2FNrNcDfwK7AB4%2FqZpPuPKGbFOBJoAzz7KQae5gnMnPkw2P9%2B4jSyr%2B0%2BwEUxCnyWGAdlm0NmQgkYTOFotX029m6oCkiGX9FdHC9bWkpoxMVJLJsCre05%2Bi61KP2QJ7kCajuny9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-ffn2h
access-control-allow-credentials: false
cf-ray: 8bb13fe0d81136c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: tN0LdAWvFPzhBFUQtaxvDEs_v0vCZyBgi5KdYasbAvE3PhbDft-nOg==

GET
H3 200 custom.min.css
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115450692019/1698698457814/humansecurity-hs/assets/css/dist/ 0
1 KB 189ms
171ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115450692019/1698698457814/humansecurity-hs/assets/css/dist/custom.min.css

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-request-id: JMJVCSJRVYW1GX9Z
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698698458499
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yPbyfUQgByZmsXz3Bv8lGkrQvoYQGHox
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 1ebb22dd-a4fc-4261-8e44-1f65e14f8f27
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 177
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-id-2: nHy8UArMJXsXdK8EG0irBQ0JggRhUkzAfQ3hYjomcvkEuE9szfbt8HWs+V/3Df0i4ssPzpU/Ono=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1ebb22dd-a4fc-4261-8e44-1f65e14f8f27
last-modified: Mon, 30 Oct 2023 20:40:59 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BkUazoicsvbRwsB3ALahOEDx4CveAURY%2B8p3J8pmqty8UYPWxVxO5EdraBbsoUECTyXwhfhQ0BoVNF7n2VmY8DYWVonN0owPiY7TMrE6WkOsWSUpJsNl8UwzdT33YOQQ9%2FedKCzqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 8bb13fe0d81336c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: HCZ37gVHgG3O6TYR8wfwFmL-rNmDcBgEhaBUETaFJvFiTxw5r2T1mA==

GET
H3 200 lazy-loading.min.js Show response
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115307132989/1698698445616/humansecurity-hs/punch/assets/js/ 3 KB
3 KB 186ms
169ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115307132989/1698698445616/humansecurity-hs/punch/assets/js/lazy-loading.min.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d54140c9e5b41f4f5f8fd5583a8ae657452e2bec968966ab70c26d5ae77719

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1165
x-amz-request-id: JMJPV9D1CQYNZEJ8
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"4bad0a4c32f8ed6cc9ae26f79403ba1d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698698445767
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 936f33bed45438343f0ef2adff442814.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Yf5CV0qo3j47sw1HNl1JCGV8Teo7T9N0
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 459f6b4d-725e-427d-bef2-70609a51faa8
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 229
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7bUv83GM2YQwk2AVt8qivso62eMiq2RRKXfHPJ+9c/4AN5amylDE6EEyvT01JAGVx7iMSZhW1F4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 459f6b4d-725e-427d-bef2-70609a51faa8
last-modified: Mon, 30 Oct 2023 20:40:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Utpck%2BwhOjEW421%2BI1Yi%2BJf1oCIK%2B%2FU%2FlEhKRIK7J%2BZM5F1DTxv%2Fn107%2Bzx6rmukJpizNfSXkhxdVhOgL2NLQNJHVuLk3ggArGgmOINReiSPUCbIof2VyCyzBQh%2BG5aXPKEFIKFgLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8bb13fe0d81536c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: FYKZsL7z8Z3JFiG1oFnhlRQ9gxjz02mLti9_1hWMyewk7fT_0pN-Tg==

GET
H3 200 owl.carousel.min.js Show response
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/164742850616/1713364613712/humansecurity-hs/assets/js/owlcarousel/ 43 KB
13 KB 188ms
170ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/164742850616/1713364613712/humansecurity-hs/assets/js/owlcarousel/owl.carousel.min.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1165
x-amz-request-id: JV4CDCAVB6Z3P5ER
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"f416f9031fef25ae25ba9756e3eb6978"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1713364613712
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 ee9b452ef78932123abe17295c8c65be.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: YXST8RJs5KZFT1MFRhfRhJxx14M2tAc1
x-amz-cf-pop: IAD61-P2
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: c39598bf-e9d4-4074-a353-13581418732e
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 162
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JtAM1oryMCrgcBOgTicQ//yYq57Qh8l9nX4GoyTDKPqi28DiQmkdM1MbKAZD8Rds4j63At6L4oI=
x-evy-trace-route-configuration: listener_https/all
x-request-id: c39598bf-e9d4-4074-a353-13581418732e
last-modified: Wed, 17 Apr 2024 14:36:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2dcpFTtdtkgsJI2o9l5pUrQYUiF59KAYGtcW1SJh9GNHfsExtaS8bETeU6O7w8uvl%2B0%2Bwb0anpu5JWC5noiU5q%2BoLgoWsNpNcc%2BKWc3HcD%2F%2BtwUXGyeei7kGCeWk%2BLEtAUiiiadblw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8bb13fe0d81736c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: 8hEFThOQFEmwzHYh9YprKIGY6QjrS9SGqTxk2aiZyRX-u5dbQZiCgQ==

GET
H3 200 frontend.min.js Show response
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63656674711/1698698447070/humansecurity-hs/punch/assets/js/ 7 KB
4 KB 170ms
167ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63656674711/1698698447070/humansecurity-hs/punch/assets/js/frontend.min.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd5e60442181c68a2711c4a407db551e51e0af167f16b86775ceb7e56679a045

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1165
x-amz-request-id: E8DHH2DZ85ATAQAD
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"a4f49c0d3a6711894e9c55d1c0c7de21"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698698447313
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 c6b0d1d85b2590c57ac754bf9e61944e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 9kHHRG.4lQ.A7FuJiqDBrnDLMH9bi.w1
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: f10daa55-b2df-469c-a170-d05370996216
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 188
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cIbrffKWNP1qwiNGYKqgGYMeQFSocTX0D0wBfs2Ve5uEj8q3Lx06oHbpL2ss7ub7Qyjj1Dqp/cUitMl85G1KPg==
x-evy-trace-route-configuration: listener_https/all
x-request-id: f10daa55-b2df-469c-a170-d05370996216
last-modified: Mon, 30 Oct 2023 20:40:48 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BzxNA9OpRWZa4Oaedt4kADgT8hEQ%2Ff%2BkYekrVY1zQ1TGZ4rUP6tH21pIK2rTC%2B0o%2BK80BkCBa3LquV%2FxKcYPZvh0wlBeE6YmOB8L%2B3Sv%2F1BCQbstVXDmBwTCcajoF9ABOPfE9uPAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8bb13fe0d81d36c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: X3W-DqHE06ckRN1KOlE3ylwzrHCgxYJ7KEjcd7NNKBhEPvtVrHkerQ==

GET
H3 200 main.min.js Show response
www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63463820292/1701277809330/humansecurity-hs/assets/js/ 5 KB
3 KB 188ms
171ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/63463820292/1701277809330/humansecurity-hs/assets/js/main.min.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d651066ec06c641549632f4776b2cdbf638ca0786adf1c58f44a2728daed9b00

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1165
x-amz-request-id: JMJPTVVQ4XQ1DA38
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"685174d68af17bd7d0e6a28ceb5be545"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1701277809525
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vY8wV06NgfCiTijo9TsZU9.WhSQoNj73
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 5f0108ff-9694-4a69-bc9d-593e3fec5140
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 257
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 37tSop7bplhdwAOY7u7kT2dzPRF2LLBfVUXV1FpzsyzXr+2ea/8z00lXgxR8sYW3ZlF1Et8MRMo=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 5f0108ff-9694-4a69-bc9d-593e3fec5140
last-modified: Wed, 29 Nov 2023 17:10:10 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jznaPjhAbNAV9MuIOBWNYYBnAAngiMWuLbU3e3Ey%2BxZt01KnRYjEPR1IX0AtRMmD4B7qhg3i85EOlkkZ6SXTDdmd2kl2O2e8WXfwQsD5qXM1AFvr%2FmpqyGFt0WHTXGT7aNK4i45BVw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8bb13fe0d81836c5-YYZ
timing-allow-origin: www.humansecurity.com
x-amz-cf-id: sDN7dqMSBSIcDD-QB888Ehyoxz3jYikP-Hu6BSlGrEbR9lnnKlE5DA==

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 262ms
79ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 30 Aug 2024 02:11:19 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD86D7B594794080AAC19EFB84F13E62 Ref B: BL2AA2010201021 Ref C: 2024-08-30T02:11:19Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 213ms
98ms Script
application/javascript 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:19 GMT
x-amz-version-id: PTl7rnF_EEhUwyN5J882FhdYw1E0brGf
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
age: 25465
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 08:13:46 GMT
server: cloudflare
etag: W/"b2877da906a3216c4f3fc4030b205e54"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8bb13fe1defdab4c-YYZ
x-amz-cf-id: 5LHePqQCYj9YKV1xQUW-FFOIUfvDx5vziZQZoF_Z64ZatR0jxebPiQ==

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G1--&gcd=13l3l3l3l5l1&tag_exp=0&rnd=899758141.1724983880&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cas...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=13l3l3l3l5l1&tag_exp=0&rnd=899758141.1724983880&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-a...

42 B
65 B

125ms
52ms

Ping
image/gif

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=13l3l3l3l5l1&tag_exp=0&rnd=899758141.1724983880&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&dma=0&npa=0&gtm=45He48s0n81KVP42DDv830094232za200&auid=2028744126.1724983880

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=13l3l3l3l5l1&tag_exp=0&rnd=899758141.1724983880&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&dma=0&npa=0&gtm=45He48s0n81KVP42DDv830094232za200&auid=2028744126.1724983880
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
105 KB 125ms
85ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-59DHKRCY6M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVP42DD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12c370f85bda4027f79b47c3aaf3d3afe65b46c57e3085a4c7c2039c7c43f2ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Aug 2024 02:11:20 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 68 KB
19 KB 180ms
34ms Script
application/javascript 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e08bbd8d11326289feff5496edc2ee3d0d7e905fe69ad7612a63dcd6bc6e8313

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Aug 2024 18:33:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "66b26c73-10ff6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, proxy-revalidate, max-age=10800
accept-ranges: bytes
content-length: 18711
expires: Fri, 30 Aug 2024 05:11:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 171ms
42ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVP42DD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Aug 2024 02:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 316
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 30 Aug 2024 04:06:04 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 275 KB
94 KB 120ms
91ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-878225418&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVP42DD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ce047ebac8ba3b04f3341691999523778cc095072177b18b0d5757549eb48b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96178
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 00:29:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Aug 2024 02:11:20 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 171ms
37ms Script
application/javascript 2600:141b:1c00:6::17df:d149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVP42DD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d149 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=33543
accept-ranges: bytes
content-length: 14628

GET
H2 200 hotjar-3389720.js Show response
static.hotjar.com/c/ 11 KB
5 KB 242ms
122ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3389720.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVP42DD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

c26663b888f586b079e5616b36f24f3b3294788e3775d3999b0f2e708c38d4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Aug 2024 02:11:20 GMT
via: 1.1 2301ef513d768666e30ce282b9045098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/466b8dd265a20e26d6d292c69f4dcf69
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cinzsaJKBQzh2JixmAO5RKdL5RupJsADBEbVyzohc6CA71eHaQr1oQ==

GET
H2 200 5210.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 2 KB
2 KB 329ms
185ms Script
text/javascript 2606:4700::6812:1eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/5210.js?p=https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&e=

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90b5415c9893465d50440ac444e50f05c0b5698540c0349b1a820330240b5faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-disposition: inline
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cf-ray: 8bb13fe2e991a269-YUL

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 125ms
31ms Script
application/javascript 2606:4700::6810:4869
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4869 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: DHRTVQ2YDD31VRYY
age: 3626
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 42SI4QpWusuS2M3Ispb8IwWi3WjkuLfNz6n2N8zugkZ5yNzAuflQc1xZVy0FBT91Ttw4gzXcSWkic4HtfxCSvuUDlDpN6WSQ
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8bb13fe2fe40a304-YUL
expires: Fri, 30 Aug 2024 06:11:20 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 154ms
27ms Script
application/x-javascript 23.204.6.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.6.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-6-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 30 Aug 2024 02:11:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 main.min.js Show response
client.px-cloud.net/PXxDhGmtcm/ 166 KB
69 KB 252ms
157ms Script
application/javascript 2600:141b:1c00:30::1739:5a6a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVP42DD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:30::1739:5a6a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 37fe7ca00c03c71ca015a5c1d197aa6b539d42f01e2848d2b61c2d7532b9ad87

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
content-encoding: gzip
last-modified: Fri, 30 Aug 2024 02:06:29 GMT
server: UploadServer
etag: "8404668a1e98ff7652e4a2a79d78c154"
active-cdn: Akamai
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=600
x-goog-stored-content-length: 70792
accept-ranges: bytes
expires: Fri, 30 Aug 2024 02:21:20 GMT

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 201b591d8778f953b5cde276d197d939dbc151d21e948d0e91d8869901f9eeb8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 Single-Post-Hero-Bg@1x.jpg
www.humansecurity.com/hubfs/Website%20Assets/Backgrounds/ 15 KB
17 KB 100ms
92ms Image
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.humansecurity.com/hubfs/Website%20Assets/Backgrounds/Single-Post-Hero-Bg@1x.jpg

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115451707707/1709753002216/humansecurity-hs/assets/css/single-common.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84398de46283985db9507da817ab6fd1c66687b7b9f6d1bf3e0de29bc2b3e28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/hs-fs/hub/3400937/hub_generated/template_assets/115451707707/1709753002216/humansecurity-hs/assets/css/single-common.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-115446220894,FD-65670907291,P-3400937,FLS-ALL
age: 1459536
x-amz-request-id: 7M4S2GJQPQ14W9KK
x-amz-server-side-encryption: AES256
edge-cache-tag: F-115446220894,FD-65670907291,P-3400937,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Single-Post-Hero-Bg@1x.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "dd6b6465df335a37717da6c525533fc1"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1684015842832
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 b9608c5d714fa42feebf61497cac7bd4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CdDX03HZKu6sllEw2p2ZvE8w0miVHEku
x-amz-cf-pop: YUL62-P2
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=34092
x-cache: Miss from cloudfront
cache-tag: F-115446220894,FD-65670907291,P-3400937,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 15628
x-amz-id-2: tS4SyoG2UBoxLbfGxp/BEsYScWkPGtvHjTutdGBsgVOYOnXLdlFlgMdO6LsAcCFdB10vTldvaHs=
last-modified: Sat, 13 May 2023 22:10:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3WHBondtOHKeV%2BkCXcK4pukr23qZ0gez7kB0fEulAzf%2BnFHSRORYTpAYpx%2Ffq9xf3lO9rZrKuzAIfJ%2FLIE5QuxCcOdtEykG9x2GGuiEwCue1NFWPMltE%2Fp8DlCzG5qp8Fmo4X6nboQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bb13fe1e91236c5-YYZ
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 3B9FlBdHU6_suw3iVJIx-0x95Sn7Jsg_opNUfeKLR-nI0-4NTivGHQ==

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 179ms
63ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500;600;700;800&family=Barlow:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.humansecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 17:49:56 GMT
x-content-type-options: nosniff
age: 548484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 17:49:56 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 21 KB
21 KB 195ms
81ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500;600;700;800&family=Barlow:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.humansecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 22:39:56 GMT
x-content-type-options: nosniff
age: 12684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21440
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:46:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 22:39:56 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 162ms
47ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500;600;700;800&family=Barlow:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.humansecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 18:06:57 GMT
x-content-type-options: nosniff
age: 115463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Aug 2025 18:06:57 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 145ms
31ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500;600;700;800&family=Barlow:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.humansecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 04:47:42 GMT
x-content-type-options: nosniff
age: 77018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 04:47:42 GMT

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54a00c1f0eaaeb0537a8297cda238d8d96c0441a708ebaba46e4f473ac94e689

Request headers

Referer
Origin: https://www.humansecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H3 200 shield-1.png
www.humansecurity.com/hubfs/ 7 KB
1 KB 81ms
80ms Other
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hubfs/shield-1.png

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

adfc35d72ea1d0feaa677acecd2dafad7fdda56b02a76d7f51ad1bc067c2d499

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-5862207449,P-3400937,FLS-ALL
age: 1211347
x-amz-request-id: EWP8AWFJ0ZZHSWX4
edge-cache-tag: F-5862207449,P-3400937,FLS-ALL
content-disposition: inline; filename="shield-1.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "a7f612073c41fe336a127bcdc8c85fb1"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 60d690eb8aefecb50f44bbe348e3804a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 9.gcTtGdad6IxMaTuMgRoNGBoTuxoK7p
x-amz-cf-pop: YUL62-P2
cf-polished: origFmt=png, origSize=12483
x-cache: Miss from cloudfront
cache-tag: F-5862207449,P-3400937,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 6658
x-amz-id-2: K7xQh+hiUmeIV63cJqWlJNf3eonZaLUEYmjVL81B7WXe3Hw7/usRnkXxWUiKh4eDsCn8rDYdAaA=
last-modified: Fri, 08 Jun 2018 19:07:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tvli1IFFFrSSqAG0JBXl4rCCHegGAQnj9%2FbaTe4wTNtL%2F9R3fVz800UexoyRuwRpFVJ5KEPw3ZXPQt1Q71fb0MdS%2BxliC5C1T%2FVPuaxIY4%2B92sAudPncw3w3diDqV5o2ljC1BionDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bb13fe41b0536c5-YYZ
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: vnkn3XEI6j5qkfnVdAZ-g14N0bQ3OxTnHFDdTwLcQCnEhC9X1XF2fw==

GET
DATA 200
OK truncated
/ 378 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fc92a4b6bcd0e8fdd8b4939e421646379410fc25266f0fb5f1abf07a843f93e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 30ms
28ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500;600;700;800&family=Barlow:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.humansecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 15:54:29 GMT
x-content-type-options: nosniff
age: 555411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 15:54:29 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 59ms
27ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

a61f7c809275b59c33233e94832bbd5b16b6788fd67efa2e2fe83dbbe73cc172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Aug 2024 02:11:20 GMT
content-md5: zq0A6H5bfJ4Ofa5D7IWyHg==
document-policy: force-load-at-top
x-fb-server-load: 38
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=4286, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: 5LQswf4BNE9NuDXeC0GuY33T9ygCJOQzJyuJMJdWLeGF96K52oQ1DjS++VHpw5mj5VbTRC2Y02vexCBpFG24AQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c3ffe71484e04442a6540faa7cb2c4b8
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "0b8ec3aa774a201d648e46eeb935cfab"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 30 Aug 2024 02:22:04 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 126ms
26ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyd/D146) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 30 Aug 2024 02:11:20 GMT
Content-Encoding: gzip
Age: 1242
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (nyd/D146)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 203 B
585 B 115ms
114ms Fetch
application/json 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fe20999e64ebf0bfd1a4957b60b0e79bf6b53759a955a92639d8fd2dadc9a45c

Request headers

Content-Type: application/json
Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Authorization: Bearer a6151318a91681741142
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
visited_url: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
via: 1.1 20f9576431d2962bf870247ded502538.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: YTO50-P1
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: dTOLbjM5vHcEM2w=
server: cloudflare
etag: W/"cb-1uzOwm2BizjUGX5YkrZbJBuuxRA"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
cf-ray: 8bb13fe6ec85abca-YYZ
x-amz-cf-id: XR_ml2au2Lthm12RezVYdgM2xxt1QA86cQ1zs0Skz8amrFXDesqIag==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 153ms
117ms Preflight 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.humansecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin: https://www.humansecurity.com
alt-svc: h3=":443"; ma=86400
apigw-requestid: dTOLajQ0vHcEPTw=
cf-cache-status: DYNAMIC
cf-ray: 8bb13fe63bdaabca-YYZ
date: Fri, 30 Aug 2024 02:11:20 GMT
server: cloudflare
vary: Origin
via: 1.1 1005873908b937da8d6e408eda0fb9e0.cloudfront.net (CloudFront)
x-amz-cf-id: ghCCJzM3gVzbJGaUNeKLGNvFhs86dZCNxr1gWjq2HZrxOpYhBuPVyw==
x-amz-cf-pop: YTO50-P1
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 97050842.js Show response
bat.bing.com/p/action/ 334 B
406 B 49ms
45ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97050842.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 30 Aug 2024 02:11:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E406DF29CA7D4F1891B76515298AC4A6 Ref B: BL2AA2010201021 Ref C: 2024-08-30T02:11:20Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 41ms
38ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=673853905&t=pageview&_s=1&dl=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&ul=en-ca&de=UTF-8&dt=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAEK~&jid=152358455&gjid=1473494048&cid=1365157230.1724983881&tid=UA-111948466-2&_gid=296677000.1724983881&_slc=1&gtm=45He48s0n81KVP42DDv830094232za200&cd7=2024-08-29T19%3A11%3A19.924-07%3A00&cd8=616c56a7-c7ec-4afa-b6e3-d5c0a9740ec6&gcs=G1--&gcd=13l3l3l3l5l1&dma=0&tag_exp=0&cd3=1365157230.1724983881&z=741162033

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.humansecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 117ms
44ms XHR
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111948466-2&cid=1365157230.1724983881&jid=152358455&gjid=1473494048&_gid=296677000.1724983881&_u=YGBAgEABAAAAAGAEK~&z=568948222

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Aug 2024 02:11:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.humansecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.js Show response
s.cdnsynd.com/2/259353/ 0
64 B 170ms
29ms Script
text/plain 34.229.104.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cdnsynd.com/2/259353/clear.js?dt=2593531613684042609000&pd=mkt&gci=1365157230.1724983881&gtr=UA-111948466-3&gdc=1&gdb=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVP42DD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.229.104.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-104-150.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 30 Aug 2024 02:11:20 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 42ms
41ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=673853905&t=pageview&_s=1&dl=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&ul=en-ca&de=UTF-8&dt=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAEK~&jid=1715532502&gjid=1186804505&cid=1365157230.1724983881&tid=UA-111948466-3&_gid=296677000.1724983881&_r=1&_slc=1&gtm=45He48s0n81KVP42DDv830094232za200&cd1=1365157230.1724983881&gcs=G1--&gcd=13l3l3l3l5l1&dma=0&tag_exp=0&cd2=Human&z=1421001724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

067536b3f91d4c08a72a02644605c37436afe7b1e60e0e251f298d5ccb082e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.humansecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
361 B 245ms
38ms XHR
application/json 52.73.117.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDUxMzV9.H2JT8UA8cynPbW9zXcx95AgvYUvFrlnYRFPelG2PReM

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.73.117.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-117-16.compute-1.amazonaws.com

Software

Resource Hash

1cfea949b0b2925d27b84d56d18f2ea1c6b948fdf3ae95c534a14706043da178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: a8e048e37561cfabc987edc79bb5672b

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 96ms
30ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3389720.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c50e3f7de0b772d07240015272b1aff6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 2634494
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: drt7mEGIvYdkEe9U945EQo12UCgtgtz_LX0GytocJTwA3BYgGlAVyg==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 30ms
30ms Script
application/x-javascript 23.204.6.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.6.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-6-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 30 Aug 2024 02:11:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sun, 08 Dec 2024 02:11:20 GMT

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0 95ms
72ms Fetch
text/html 2606:4700::6812:1eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/assign

Requested by

Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/5210.js?p=https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&e=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 20f59d1a-5f92-48f0-9a6b-177302968f4f
x-runtime: 0.003713
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: OPTIONS, POST
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
x-frame-options: SAMEORIGIN
cf-ray: 8bb13fe82ed2714a-YUL
vary: Origin

OPTIONS
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ Frame 0
0 172ms
115ms Preflight 2606:4700::6812:1eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.humansecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 8bb13fe73e59714a-YUL
date: Fri, 30 Aug 2024 02:11:20 GMT
server: cloudflare

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
443 B 206ms
131ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F7E7F4B5E20A45739C7400F5F87A78BF Ref B: YMQ01EDGE0606 Ref C: 2024-08-30T02:11:20Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.humansecurity.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYg3Rt3FOBPwe+LAVGwoQ==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
811 B 243ms
128ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1755754%2C5211716&time=1724983880792&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9E08DE0C6BD44402A5758E24271146AE Ref B: YMQ01EDGE0409 Ref C: 2024-08-30T02:11:20Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYg3Rt3gIfYrmC6LCcpQw==
x-fs-uuid: 000620dd1b778087d8ae60ba2c272943

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1755754%2C5211716&time=1724983880792&li_adsId=add579ea-b309-4b30-8374-4316292c2f83&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1755754%2C5211716&time=1724983880792&li_adsId=add579ea-b309-4b30-8374-4316292c2f83&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsator...

0
265 B

208ms
111ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1755754%2C5211716&time=1724983880792&li_adsId=add579ea-b309-4b30-8374-4316292c2f83&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&tm=gtmv2&e_ipv6=AQJT4HzAb3FFGwAAAZGhDSzZvfaklpHfC8DAAF1-19l989ByLUTApor9XMQmFFFP5nLKGJtjAg
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 35EDDA1E604942DE81DC1CE510A77D19 Ref B: YMQ01EDGE0510 Ref C: 2024-08-30T02:11:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYg3Rt7GlG6Zpubmx80/A==

Redirect headers

date: Fri, 30 Aug 2024 02:11:20 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C5445C1EF74D4D5CBE1911A8A30096CC Ref B: YMQ01EDGE0606 Ref C: 2024-08-30T02:11:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1755754%2C5211716&time=1724983880792&li_adsId=add579ea-b309-4b30-8374-4316292c2f83&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&tm=gtmv2&e_ipv6=AQJT4HzAb3FFGwAAAZGhDSzZvfaklpHfC8DAAF1-19l989ByLUTApor9XMQmFFFP5nLKGJtjAg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYg3Rt3FCF9WJd6OoKqbQ==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/878225418/ 6 KB
2 KB 81ms
79ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878225418/?random=1724983880862&cv=11&fst=1724983880862&bg=ffffff&guid=ON&async=1&gtm=45be48s0v9102558839z8830094232za201zb830094232&gcd=13l3l3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&hn=www.googleadservices.com&frm=0&tiba=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&npa=0&pscdl=noapi&auid=2028744126.1724983880&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-878225418&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

325ac9b250f1a971280097e15ae4420181519791a0b18ed9c46028ce6554f589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 878225418
td.doubleclick.net/td/rul/ Frame F247 0
0 138ms
55ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/878225418?random=1724983880862&cv=11&fst=1724983880862&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48s0v9102558839z8830094232za201zb830094232&gcd=13l3l3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&hn=www.googleadservices.com&frm=0&tiba=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&npa=0&pscdl=noapi&auid=2028744126.1724983880&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-878225418&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Aug 2024 02:11:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 128ms
27ms Script
application/javascript 2606:4700::6812:8d11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/hs/scriptloader/3400937.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Origin: https://www.humansecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
age: 19830
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js&cfRay=8a841420ff4cabb8-YYZ
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b6c788efa3b3fd53687b2c92c85a5a5f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js
date: Fri, 30 Aug 2024 02:11:21 GMT
x-amz-version-id: TIDmoMti0Vib7LJNFwT63dnpWuuDUZfu
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: f9e01898-db83-4090-892f-671ff70d318e
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: f9e01898-db83-4090-892f-671ff70d318e
last-modified: Tue, 23 Jul 2024 12:57:23 UTC
server: cloudflare
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-rkwqq
cf-ray: 8bb13fe87d4ba251-YUL
x-amz-cf-id: 0bA1vyEJ-djDj3Fv7ZOLDzpNT-pGhyFb1RgdG4gtAcWsnuSXo9rh9Q==

GET
H2 200 3400937.js Show response
js.hs-analytics.net/analytics/1724983800000/ 68 KB
25 KB 154ms
66ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1724983800000/3400937.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/hs/scriptloader/3400937.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 642575582c7ccf050a918b334a352c5297250940c12e5fd65c558e1f48e90372

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: MAB6WNRKNFHFEDA3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 43f48755-6900-4478-92f0-7c4945a29756
x-envoy-upstream-service-time: 23
x-amz-id-2: lN/tEkMI+OKMi8nvjzoCpqAIUzSAg2aeB6oiHQMEjgzJy2mOG4TGJzsC3aTb/0/CBWIbWFzVyy8=
x-evy-trace-listener: listener_https
x-request-id: 43f48755-6900-4478-92f0-7c4945a29756
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 23 Aug 2024 13:37:43 GMT
server: cloudflare
etag: W/"262b8ee547157d9a726541179fed7fd9"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-d8f2p
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8bb13fe86a1e33fb-YUL
expires: Fri, 30 Aug 2024 02:15:25 GMT

GET
H2 200 3400937.js Show response
js.hs-banner.com/ 61 KB
19 KB 180ms
80ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3400937.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/hs/scriptloader/3400937.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a711f90cf3fe3f3c91c838aa383dd9bc60d67b59e678328975e2193c1ce1d1

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
x-amz-version-id: j3Z3MHDFFIrOvQEWaUYKy.NfZW7yr8Jm
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 1DGMFEB9QACF8Q8R
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 631584a6-d64e-4112-9e41-8d9cef425b36
x-envoy-upstream-service-time: 38
x-amz-id-2: grC2MkMbwCxfxKzSLdEMYkKlF7LbOphkZ4tTSaPAeJraVfcaJcBgLGocRPZ3tZqL0KiMZ+g80ss=
x-evy-trace-listener: listener_https
x-request-id: 631584a6-d64e-4112-9e41-8d9cef425b36
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 29 Mar 2024 16:23:31 GMT
server: cloudflare
etag: W/"7df6ee72098e64058dcb0f86caf8fbf0"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.humansecurity.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-792r6
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8bb13fe87dbfa272-YUL
expires: Fri, 30 Aug 2024 02:13:44 GMT

GET
H2 200 10c1c946-3ec8-49a0-92ce-5be53945f2bc.json Show response
cdn.cookielaw.org/consent/10c1c946-3ec8-49a0-92ce-5be53945f2bc/ 4 KB
2 KB 95ms
52ms XHR
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/10c1c946-3ec8-49a0-92ce-5be53945f2bc/10c1c946-3ec8-49a0-92ce-5be53945f2bc.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a42e8f77ed647b32311ffc6b611bdc77b6296726e51cfc958ac736c63a6654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 02:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 44294
content-md5: gKPVf/0JY7LPyMXBubVDLg==
content-length: 1651
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jul 2023 18:48:56 GMT
server: cloudflare
etag: 0x8DB817650AF29D1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1d2a2bae-c01e-000f-5871-224fef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb13fe8495ca2ce-YUL
expires: Sat, 31 Aug 2024 02:11:21 GMT

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 168ms
100ms XHR
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=3400937

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bbf10baf-d6d9-4bb3-bcc8-9b4231e2b254
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8bb13fe87cdba29f&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: bbf10baf-d6d9-4bb3-bcc8-9b4231e2b254
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: https://www.humansecurity.com
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-mbhwx
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8bb13fe87cdba29f-YUL

POST
H2 204 collect
analytics.google.com/g/ 0
0 324ms
50ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-59DHKRCY6M&gtm=45je48s0v881684866z8830094232za200zb830094232&_p=1724983879747&_gaz=1&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tag_exp=0&cid=1365157230.1724983881&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1724983881&sct=1&seg=0&dl=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&dt=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&en=page_view&_fv=1&_ss=1&ep.timestamp=2024-08-29T19%3A11%3A19.916-07%3A00&tfd=1949
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59DHKRCY6M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.humansecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 42ms
40ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-59DHKRCY6M&cid=1365157230.1724983881&gtm=45je48s0v881684866z8830094232za200zb830094232&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59DHKRCY6M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.humansecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 578C 0
0 49ms
47ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-59DHKRCY6M&gacid=1365157230.1724983881&gtm=45je48s0v881684866z8830094232za200zb830094232&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=357135770

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59DHKRCY6M&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Aug 2024 02:11:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 406ms
179ms Image
image/gif 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-59DHKRCY6M&cid=1365157230.1724983881&gtm=45je48s0v881684866z8830094232za200zb830094232&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=31784264

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collector Show response
collector-pxxdhgmtcm.px-cloud.net/api/v2/ 536 B
784 B 229ms
62ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxdhgmtcm.px-cloud.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 139123baa76429bd487c2db34db3ed482f58034192bef53870934e3fa5d40c41

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2024 02:11:20 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 536

GET
H2 200 main.min.js Show response
client.px-cloud.net/PXf69I9fY8/ 166 KB
70 KB 175ms
174ms Script
application/javascript 2600:141b:1c00:30::1739:5a6a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://client.px-cloud.net/PXf69I9fY8/main.min.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:30::1739:5a6a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6141757da14af6dfc29aea988dd2e2203e0de0471dc48f2e95a5e5002c16891b

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
content-encoding: gzip
last-modified: Fri, 30 Aug 2024 02:05:04 GMT
server: UploadServer
etag: "54d54133d8e6a5e1452ae43747287a23"
active-cdn: Akamai
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=600
x-goog-stored-content-length: 70786
accept-ranges: bytes
expires: Fri, 30 Aug 2024 02:21:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
93 KB 94ms
93ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-474QF6N3NS&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e8567a8657bb656ce9c600fecf93ac4a652a8e6df953fdd1c740ec56d55583f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Aug 2024 02:11:21 GMT

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
468 B 37ms
37ms XHR
application/json 52.73.117.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.73.117.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-117-16.compute-1.amazonaws.com

Software

Resource Hash

e242f5ce40954ed63ef3d88dd1750f427d08cc5d3f746a7e1c580f691889a141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 6dc199d078b39008db72fbc600fda009

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 166ms
36ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8bb13feb6e523400-YUL
access-control-allow-headers: Content-Type

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 90ms
36ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b7ba54732bcb5de048e3063252573c4e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

8dd47dcf0b5eed6cc6f55c516e3a4678c511b40b509b65a3f9ce4aade4eea41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Origin: https://www.humansecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Aug 2024 02:11:21 GMT
content-md5: Mpl+yqtJasXDKJDF/txRWg==
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89220
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4353, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: JL33bW4//Ms7xrt585pR6qLyx+hMUa5NCroiCkMkS52djF1dXfGtQCYGFEuCE5Z3KDiUYwQu82HqYsXPvFMxCw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ca1ac0976adabbc2b3decdc61936aed8
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "d2cc2ffb988c70d3b236a9c701f83c75"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Aug 2025 20:55:20 GMT

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 90 KB
27 KB 188ms
82ms Script
application/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 3282
x-guploader-uploadid: AHxI1nODM5dm8j6nU0iG2a4uVr_91B86ILQcy1cZINu9Y5ijJJaSqGeNYRK_KFEcmGtViq4tiA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 10:14:37 GMT
server: cloudflare
etag: W/"006455bd44ed289ddcc403d0ecd96ab0"
x-goog-hash: crc32c=p5SAHw==, md5=AGRVvUTtKJ3cxAPQ7NlqsA==
x-goog-generation: 1715854477710382
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 91778
cf-ray: 8bb13feb7e75ab08-YYZ
expires: Fri, 30 Aug 2024 02:16:39 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/650492e79cc5e659a2211991/ 3 KB
2 KB 179ms
138ms Fetch
text/javascript 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/650492e79cc5e659a2211991/?iszitag=true

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b2f990787e3b1814304c78b2805480c18a8e4ad82605df538e395ec36577fb92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

visited-url: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
_vtok: MTY3LjExNC4yMDkuMTAz
_zitok: 9da3b0f92537af6f2c7e1724983880
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/javascript

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 8bb13fec79baa23a-YYZ

GET
H2 204 0
bat.bing.com/action/ 0
360 B 63ms
42ms Image
text/plain 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97050842&Ver=2&mid=8e7809f9-cb77-49df-98c2-85a0bd95ed82&sid=26724bb0667511ef93cda9e6d8f82e13&vid=267272d0667511efaad9cbd4f9933aae&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&p=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&r=&lt=1810&evt=pageLoad&sv=1&cdb=AQAQ&rn=760193

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Aug 2024 02:11:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 406F2A2E3DA441E79E76E27B96F405BD Ref B: BL2AA2010201021 Ref C: 2024-08-30T02:11:21Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 0A0D 0
0 110ms
27ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.humansecurity.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyd/D140) /
Resource Hash

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 13633189
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Aug 2024 02:11:21 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyd/D140)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/650492e79cc5e659a2211991/ Frame 0
0 216ms
114ms Preflight
text/html 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/650492e79cc5e659a2211991/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.humansecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.humansecurity.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bb13feb7f94aca2-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 30 Aug 2024 02:11:21 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H/1.1 200
OK visitWebPage
001-vjx-104.mktoresp.com/webevents/ 2 B
318 B 444ms
87ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://001-vjx-104.mktoresp.com/webevents/visitWebPage?_mchNc=1724983881448&_mchCn=&_mchId=001-VJX-104&_mchTk=_mch-humansecurity.com-1724983881446-11449&_mchHo=www.humansecurity.com&_mchPo=&_mchRu=%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 30 Aug 2024 02:11:21 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 3a394e9f-5cad-4179-8c0f-6471f22bc2c1

GET
H3 200 /
www.google.com/pagead/1p-user-list/878225418/ 42 B
64 B 52ms
51ms Image
image/gif 142.250.64.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/878225418/?random=1724983880862&cv=11&fst=1724983200000&bg=ffffff&guid=ON&async=1&gtm=45be48s0v9102558839z8830094232za201zb830094232&gcd=13l3l3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&hn=www.googleadservices.com&frm=0&tiba=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&npa=0&pscdl=noapi&auid=2028744126.1724983880&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfv8urRsYzDYAg0yuvTRZ6dOosnTLSbxL7KBQUl308vBxEp6lU&random=190824483&rmt_tld=0&ipr=y

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/878225418/ 42 B
64 B 50ms
50ms Image
image/gif 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/878225418/?random=1724983880862&cv=11&fst=1724983200000&bg=ffffff&guid=ON&async=1&gtm=45be48s0v9102558839z8830094232za201zb830094232&gcd=13l3l3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&hn=www.googleadservices.com&frm=0&tiba=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&npa=0&pscdl=noapi&auid=2028744126.1724983880&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfv8urRsYzDYAg0yuvTRZ6dOosnTLSbxL7KBQUl308vBxEp6lU&random=190824483&rmt_tld=1&ipr=y

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
174 B 85ms
73ms XHR
text/plain 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/3400937.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0a805c9b-f801-480d-8fca-8acef6db561b
x-envoy-upstream-service-time: 18
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0a805c9b-f801-480d-8fca-8acef6db561b
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.humansecurity.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-d8f2p
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8bb13febea644bd1-YUL

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 100ms
50ms Preflight
application/octet-stream 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.humansecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.humansecurity.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8bb13feb8a1f4bd1-YUL
content-length: 0
content-type: application/octet-stream
date: Fri, 30 Aug 2024 02:11:21 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-ts74x
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: c7c0b5de-8354-445b-9fe4-6436851e686a
x-request-id: c7c0b5de-8354-445b-9fe4-6436851e686a

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 706ms
319ms XHR
application/json 34.249.205.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=3389720&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.205.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-205-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b6fafec42bd73c72f7999e88f1bc7d395f5386070ddbaff1413998fa07596537

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Aug 2024 02:11:22 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/ 400 KB
97 KB 35ms
34ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 02:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Sw59qQKTUz8IJh2hCY03KQ==
age: 42736
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98810
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:51 GMT
server: cloudflare
etag: 0x8DB55BF34FA32B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 11653dc3-e01e-0027-0308-7c2e47000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb13fed1e77713c-YUL

POST
H2 200 collector Show response
collector-pxf69i9fy8.px-cloud.net/api/v2/ 428 B
484 B 88ms
69ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxf69i9fy8.px-cloud.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXf69I9fY8/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 61954d242f58ebaa79974cbba81783116c46ea305be131be0fcd557a20be71f9

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2024 02:11:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 428

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 44 KB
4 KB 103ms
102ms Fetch
application/json 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4470812cccafc2228171cad13cb84e3aa000b33a0f75110a081aba3f017c8d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Authorization: bearer 3a88c8f1a27e4f0ec92016da0338ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2024 02:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"aea1-Q42NKSRqx9LsgoM447CV2lp5NqY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 8bb13fee8b2aa23a-YYZ

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 42ms
42ms Fetch
text/plain 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-474QF6N3NS&gtm=45je48s0v9124658847za200&_p=1724983879747&gcs=G1--&gcd=13l3l3l3l6l1&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=1365157230.1724983881&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&dt=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&sid=1724983881&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=1365157230.1724983881&ep.ua_dimension_2=Human&tfd=2753
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.humansecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 82ms
81ms Preflight
text/html 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.humansecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.humansecurity.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bb13fee094faca2-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 30 Aug 2024 02:11:21 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/10c1c946-3ec8-49a0-92ce-5be53945f2bc/97406b3a-009d-4b48-bad5-1eb21c564b7d/ 69 KB
14 KB 41ms
40ms Fetch
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/10c1c946-3ec8-49a0-92ce-5be53945f2bc/97406b3a-009d-4b48-bad5-1eb21c564b7d/en.json

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd27193574494c7c28903f1088f7eba26bf7c29f814e711e006036e733ceef8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 02:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5041
content-md5: PdTtH04dK1QUPBi2biFoKg==
content-length: 14570
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jul 2023 18:48:58 GMT
server: cloudflare
etag: 0x8DB817651F13E61
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 56cb78b3-301e-00ae-28e3-bdb0e7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb13feede76a2ce-YUL
expires: Sat, 31 Aug 2024 02:11:22 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
197 B 53ms
33ms XHR
text/html 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 21 B
318 B 203ms
26ms XHR
text/html 2600:141b:1c00:2e::17d1:48d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2e::17d1:48d1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1cc56e5fc3be68bfe3398b740ea6292fb445def0bfa8ba3d41b377aee41bf6b7

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:22 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.humansecurity.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2607:5300:60:7867::13
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1724983882136_399550033_3927360295_15_673_23_120_219";dur=1
content-length: 21
expires: Fri, 30 Aug 2024 02:11:22 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 59ms
35ms Image
image/gif 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=20d60e1303ace3bf5d3a031877ae81bd&svisitor=null&visitor=a3a76483-2d0b-4f9b-812a-547288f6708e&session=cf26f0d3-eaf6-436e-8e89-d892093feed5&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A20%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22HUMAN%27s%20Satori%20Threat%20Intelligence%20and%20Research%20team%20published%20an%20investigation%20into%20a%20domain%20cloaking%20operation%20named%20Camu%2C%20which%20provided%20a%20cashout%20mechanism%20for%20digital%20pirates.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&pageViewId=0cd7b308-c3f7-4939-879c-0872435d93d1&v=1.1.23

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Aug 2024 02:11:22 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 58ms
35ms Image
image/gif 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=20d60e1303ace3bf5d3a031877ae81bd&svisitor=null&visitor=a3a76483-2d0b-4f9b-812a-547288f6708e&session=cf26f0d3-eaf6-436e-8e89-d892093feed5&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2030%20Aug%202024%2002%3A11%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2220d60e1303ace3bf5d3a031877ae81bd%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2030%20Aug%202024%2002%3A11%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%220d406420db5f6e6d2e1be79267cc2b18e3de7e44%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2030%20Aug%202024%2002%3A11%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2030%20Aug%202024%2002%3A11%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2030%20Aug%202024%2002%3A11%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22HUMAN%27s%20Satori%20Threat%20Intelligence%20and%20Research%20team%20published%20an%20investigation%20into%20a%20domain%20cloaking%20operation%20named%20Camu%2C%20which%20provided%20a%20cashout%20mechanism%20for%20digital%20pirates.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&pageViewId=0cd7b308-c3f7-4939-879c-0872435d93d1&v=1.1.23

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Aug 2024 02:11:22 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
607 B 92ms
76ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-ca&bfp=1682466047&v=1.1&a=3400937&pi=176829247902&ct=blog-post&ccu=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&cpi=176829247902&cgi=5249379964&lpi=176829247902&lvi=176829247902&lvc=en-us&pu=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&t=Satori+Threat+Intelligence+Alert%3A+Camu+cashes+out+ads+on+piracy+content&cts=1724983882106&vi=6d2fb91915a5d2120602c315c7bf4b2e&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d50d08fe-ff8f-490e-b057-c4595d650f33
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d50d08fe-ff8f-490e-b057-c4595d650f33
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7Wz1aTprwqAt7j%2FMES4z3RbKImIzR6JfKFDfEtkPr8au41OQL0EWiQhsMm9ln91j6qhV4BUKR8XOM39mNaw9DarEytPmbcClf1tQdBR7lJxnO8NXDdGgvXvvMtPGwyV6pxaRJWly5WXS41IC6mm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-hnmwd
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8bb13fef59d6a29f-YUL
x-robots-tag: none

GET
BLOB 200
OK ef93dac0-0cd6-48c4-98d2-7ebd00328dda Show response
https://www.humansecurity.com/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.humansecurity.com/ef93dac0-0cd6-48c4-98d2-7ebd00328dda
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2f990787e3b1814304c78b2805480c18a8e4ad82605df538e395ec36577fb92

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length: 3033
Content-Type: text/javascript

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
33ms Image
image/gif 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=673853905&t=timing&_s=2&dl=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&ul=en-ca&de=UTF-8&dt=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2869&pdt=23&dns=57&rrt=0&srt=81&tcp=49&dit=1722&clt=1805&_gst=717&_gbt=1421&_u=YHDAgEABAAAAAGAEK~&jid=&gjid=&cid=1365157230.1724983881&tid=UA-111948466-2&_gid=296677000.1724983881&gtm=45He48s0n81KVP42DDv830094232za200&cd7=2024-08-29T19%3A11%3A19.924-07%3A00&cd8=616c56a7-c7ec-4afa-b6e3-d5c0a9740ec6&gcs=G1--&gcd=13l3l3l3l5l1&dma=0&tag_exp=0&cd3=1365157230.1724983881&z=1290228032

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 02:42:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84515
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 742 B
716 B 91ms
41ms XHR
application/json 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: f11383ad7d3c69ffb2045e9c60ddbe79a0e90e1e840d3cf1f8521e3c160ca110

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Authorization: Token 0d406420db5f6e6d2e1be79267cc2b18e3de7e44
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-6s-CustomID: WebTag1.0 20d60e1303ace3bf5d3a031877ae81bd

Response headers

x-trace-id: 2325016447315832450
date: Fri, 30 Aug 2024 02:11:22 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: us-east-1a
access-control-allow-origin: https://www.humansecurity.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 394

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 37ms
36ms Image
image/gif 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=20d60e1303ace3bf5d3a031877ae81bd&svisitor=null&visitor=a3a76483-2d0b-4f9b-812a-547288f6708e&session=cf26f0d3-eaf6-436e-8e89-d892093feed5&event=ipv6&q=%7B%22address%22%3A%222607%3A5300%3A60%3A7867%3A%3A13%22%7D&isIframe=false&m=%7B%22description%22%3A%22HUMAN%27s%20Satori%20Threat%20Intelligence%20and%20Research%20team%20published%20an%20investigation%20into%20a%20domain%20cloaking%20operation%20named%20Camu%2C%20which%20provided%20a%20cashout%20mechanism%20for%20digital%20pirates.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&pageViewId=0cd7b308-c3f7-4939-879c-0872435d93d1&ipv6=2607%3A5300%3A60%3A7867%3A%3A13&v=1.1.23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Aug 2024 02:11:22 GMT

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 124ms
38ms Preflight 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.humansecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.humansecurity.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Fri, 30 Aug 2024 02:11:22 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: us-east-1a
x-trace-id: 3147960957483341343

GET
H3 200 Human-Favicon-White-Black%20BKG.png
www.humansecurity.com/hubfs/ 10 KB
11 KB 58ms
58ms Other
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.humansecurity.com/hubfs/Human-Favicon-White-Black%20BKG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

efa303262b36a12c1c28503edc4d8852388482855d729b169c9bfb1b969adf45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-84331736107,P-3400937,FLS-ALL
age: 2353206
x-amz-request-id: WK2XW7775Z7QT8JF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-84331736107,P-3400937,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Human-Favicon-White-Black%20BKG.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "90f1b1e31f9d8f952a7c9f1b72a4fad6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662646750288
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ReqLDPL4vOVfyNNDhCn51TdwyjSTJzqi
x-amz-cf-pop: YUL62-P2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=35632
x-cache: RefreshHit from cloudfront
cache-tag: F-84331736107,P-3400937,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 10100
x-amz-id-2: kaM1lPV5TtOmbmi6b7HbXeN9S+359gJ4rEsQXAJvhgQTjn7OcgH9C+8yAVCgbC9k3qYBvjXtAP0=
last-modified: Thu, 08 Sep 2022 14:23:32 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JB20IQ64WiSw8BCHpqAloqhb4b6TDYS69Kp9LTQHyZM1O%2BW7ErrB%2BX3ZvQaEH6wJ%2F1lDIfPik49UCGyC586Gf3a8xDrB6WoJAAkNQW2k%2BuxH9Vjerfdi%2BcD6bmiUib3VYQgkJ50RUw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bb13ff09e7c36c5-YYZ
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: Y5ADqwYRLaTdNgGu_6QGXirH0i0k_7ZJD6cZCOgisgZbSXedFjoG0Q==

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/ 61 KB
13 KB 34ms
33ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/otPcCenter.json

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 02:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: obw5M94dAr0Gi2p2lbQQ/g==
age: 44294
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:48 GMT
server: cloudflare
etag: 0x8DB55BF32AEE4B7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d6f8cc22-301e-0069-7468-7900cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb13ff0fffea2ce-YUL

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 21 KB
4 KB 33ms
33ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCommonStyles.css

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 02:11:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 79839
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c12036af-201e-0093-6a87-cd05c1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bb13ff0f800a2ce-YUL

POST
H2 200 collector Show response
collector-pxxdhgmtcm.px-cloud.net/api/v2/ 600 B
655 B 112ms
109ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxdhgmtcm.px-cloud.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 76aabd5326d4b58f4ad0503d0abe73650b1920f7d4a6d2c28bf50accdd27a712

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2024 02:11:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 30ms
30ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 02:11:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 22598
x-ms-lease-status: unlocked
last-modified: Thu, 29 Aug 2024 02:05:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d2f3992f-701e-006e-52c8-f93aa3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bb13ff1e8bea2ce-YUL

GET
H2 200 HUMAN_logo_horiz_black.jpg
cdn.cookielaw.org/logos/bdc406fe-f273-4909-9374-53fa72f05678/73a6679b-4f30-4bde-8d8b-9f140d71ffc3/ec625dd3-e584-4556-aaae-79e3c80ba85a/ 108 KB
108 KB 32ms
31ms Image
image/jpeg 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/bdc406fe-f273-4909-9374-53fa72f05678/73a6679b-4f30-4bde-8d8b-9f140d71ffc3/ec625dd3-e584-4556-aaae-79e3c80ba85a/HUMAN_logo_horiz_black.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31bffb649cd812a3e720b1838c910fe359aef60c46ec91149d895dc23708768d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 02:11:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NhqNgvFSsXYG+FRFrroJLA==
age: 13268
content-length: 110133
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Mon, 10 Jul 2023 15:09:02 GMT
server: cloudflare
etag: 0x8DB815798A1C292
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 9b7a268c-301e-001b-6e73-790780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb13ff249f9713c-YUL

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 33ms
33ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 02:11:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 14830
x-ms-lease-status: unlocked
last-modified: Thu, 29 Aug 2024 02:05:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 335505e7-f01e-0019-5a4e-fabfe2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bb13ff249fb713c-YUL

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=673853905&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&ul=en-ca&de=UTF-8&dt=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aHDAgEABAAAAAGAEK~&jid=&gjid=&cid=1365157230.1724983881&tid=UA-111948466-2&_gid=296677000.1724983881&gtm=45He48s0n81KVP42DDv830094232za200&cd6=GA1.1.1365157230.1724983881&cd7=2024-08-29T19%3A11%3A22.613-07%3A00&cd8=492faa27-a1e8-4a18-b31e-2998cde3b354&cd9=&cd10=Canada&cd11=&cd12=&cd13=&cd14=&cd15=&cd16=&gcs=G1--&gcd=13l3l3l3l5l1&dma=0&tag_exp=0&cd3=1365157230.1724983881&z=224235352

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 02:42:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84515
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collector Show response
collector-pxf69i9fy8.px-cloud.net/api/v2/ 32 B
49 B 79ms
76ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxf69i9fy8.px-cloud.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXf69I9fY8/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: fc28ecbc1ff8a7379cf4e592087ad5b1edddcbc566b1d6a341bed193c94d543a

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2024 02:11:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 38ms
35ms Image
image/gif 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=20d60e1303ace3bf5d3a031877ae81bd&svisitor=null&visitor=a3a76483-2d0b-4f9b-812a-547288f6708e&session=cf26f0d3-eaf6-436e-8e89-d892093feed5&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A20%20GMT%22%2C%22timeSpent%22%3A%222439%22%2C%22totalTimeSpent%22%3A%222439%22%7D&isIframe=false&m=%7B%22description%22%3A%22HUMAN%27s%20Satori%20Threat%20Intelligence%20and%20Research%20team%20published%20an%20investigation%20into%20a%20domain%20cloaking%20operation%20named%20Camu%2C%20which%20provided%20a%20cashout%20mechanism%20for%20digital%20pirates.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&pageViewId=0cd7b308-c3f7-4939-879c-0872435d93d1&ipv6=2607%3A5300%3A60%3A7867%3A%3A13&v=1.1.23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Aug 2024 02:11:23 GMT

POST
H3 200 collector Show response
collector-pxxdhgmtcm.px-cloud.net/api/v2/ 32 B
49 B 54ms
52ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxdhgmtcm.px-cloud.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: fc28ecbc1ff8a7379cf4e592087ad5b1edddcbc566b1d6a341bed193c94d543a

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2024 02:11:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET undefined
www.humansecurity.com/learn/blog/ 0
0

GET
H3 200 footer.min.css
cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/115387395449/1693233183077/humansecurity-hs/assets/css/ 21 KB
4 KB 474ms
117ms Stylesheet
text/css 104.18.89.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/115387395449/1693233183077/humansecurity-hs/assets/css/footer.min.css
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/115307132989/1698698445616/humansecurity-hs/punch/assets/js/lazy-loading.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46043be637afe914e3a575c2921cd2904b2c4b59388128ed10625628402d46a6

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 143805
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b4d88ed60cd8e0f1e827de88fcfcc1e8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1693233183807
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 76b0ec2b-4aed-46a4-b325-17ff085f6fdc
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 313
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 76b0ec2b-4aed-46a4-b325-17ff085f6fdc
last-modified: Mon, 28 Aug 2023 14:33:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFDWbvxglEiWVXEY1TC60jBme3LbmCjUYSCybnD7FhE6FqFm0lhsI%2FhywZxaA3x%2BqAwtbSfa8DbYsMLxzBx9%2F1JZI9dbwDFhST1ry4lggPLowUzCVPqQJJJPXNr%2F0JBSxbk%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 8bb13ffafe7bac25-YYZ
timing-allow-origin: cdn2.hubspot.net

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 40ms
38ms Image
image/gif 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=20d60e1303ace3bf5d3a031877ae81bd&svisitor=null&visitor=a3a76483-2d0b-4f9b-812a-547288f6708e&session=cf26f0d3-eaf6-436e-8e89-d892093feed5&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A23%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223441%22%7D&isIframe=false&m=%7B%22description%22%3A%22HUMAN%27s%20Satori%20Threat%20Intelligence%20and%20Research%20team%20published%20an%20investigation%20into%20a%20domain%20cloaking%20operation%20named%20Camu%2C%20which%20provided%20a%20cashout%20mechanism%20for%20digital%20pirates.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&pageViewId=0cd7b308-c3f7-4939-879c-0872435d93d1&ipv6=2607%3A5300%3A60%3A7867%3A%3A13&v=1.1.23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Aug 2024 02:11:24 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 34ms
33ms Image
image/gif 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=20d60e1303ace3bf5d3a031877ae81bd&svisitor=null&visitor=a3a76483-2d0b-4f9b-812a-547288f6708e&session=cf26f0d3-eaf6-436e-8e89-d892093feed5&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224442%22%7D&isIframe=false&m=%7B%22description%22%3A%22HUMAN%27s%20Satori%20Threat%20Intelligence%20and%20Research%20team%20published%20an%20investigation%20into%20a%20domain%20cloaking%20operation%20named%20Camu%2C%20which%20provided%20a%20cashout%20mechanism%20for%20digital%20pirates.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&pageViewId=0cd7b308-c3f7-4939-879c-0872435d93d1&ipv6=2607%3A5300%3A60%3A7867%3A%3A13&v=1.1.23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Aug 2024 02:11:25 GMT

GET
H2 200 fullcircle.js Show response
d2i34c80a0ftze.cloudfront.net/ 32 KB
11 KB 414ms
38ms Script
application/json 2600:9000:28b2:f200:9:14eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=c05754bf-2b15-4935-b7c4-cf576218c528&domain=humansecurity.com

Requested by

Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28b2:f200:9:14eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

88e7b0718f584603ca29ed368567c07f629f1012e0e4972c3fd95db2e339504d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 05:17:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 776fbf9a4fc4b393f157f9f75dd29a06.cloudfront.net (CloudFront), 1.1 a97e58ffc6f61ef3eab965cbc26fc6f0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: IAD55-P5, JFK52-P8
age: 75230
x-amzn-trace-id: Root=1-66d00470-1fd088e75b912c70791b6dfb;Parent=3b2ce8815be29136;Sampled=0;lineage=be50798f:0
x-amzn-requestid: d31784c3-4523-4213-8a93-dc1def2484d3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: dQWhlEyMvHcEKbA=
x-amz-cf-id: 0mHcsMzJz0Gs_tUYfPZzz3zez4EkWayDmsoLP1wB2TX0sWrppZPoew==

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 311 KB
95 KB 533ms
110ms Script
application/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d9fbfd489416f7fa849b1ef7820d17a7c36a56faca1a0d612a6d61c5c9f08a7

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 02:11:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: AHxI1nPqNALnXJFygK8rSvL2tkte1PV80z1JLASUfs7zbz9XmAItljI1RGDhaTdw-Mi36QvmNOQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Sun, 25 Aug 2024 09:29:03 GMT
server: cloudflare
etag: W/"ef9212b6f5108b2ce3f9df9c48bd3592"
vary: Accept-Encoding
x-goog-hash: crc32c=QfsnQg==, md5=75IStvUQiyzj+d+cSL01kg==
x-goog-generation: 1724578142906507
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 318526
access-control-expose-headers: *
cf-ray: 8bb14007ee9b54cd-YYZ
expires: Sat, 30 Aug 2025 02:11:26 GMT

GET
H3 200 body.min.css
cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/99901597287/1721248587601/humansecurity-hs/assets/css/ 133 KB
21 KB 69ms
58ms Stylesheet
text/css 104.18.89.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/99901597287/1721248587601/humansecurity-hs/assets/css/body.min.css
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/115307132989/1698698445616/humansecurity-hs/punch/assets/js/lazy-loading.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1892bc981117777e575dc1231631c473cc8b57fd0d023c5e883978d5256a85ae

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 1142607
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"133efba53ade4b7f1ba3a07bcea5eca9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1721248588873
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 791e99e9-7407-427a-af89-adc15e855015
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 179
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 791e99e9-7407-427a-af89-adc15e855015
last-modified: Wed, 17 Jul 2024 20:36:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VmxMyZEPFaVPLYGrQmEaj03s%2BGHUXiBs%2FnZUC0m4g%2BsQo1gG%2FzVGf1%2Bhv684FMI%2BO8BG5I2joMHnzS0uaR5ClHE6HD4aSHJo%2BtOtOi6C7eVvdd0QrXkPNLr9L%2BGqeCMHAb4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-7bc58b7fb6-9fg76
cf-ray: 8bb140056f0dac25-YYZ
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 jquery.magnificpopup.min.js Show response
cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/63656499996/1698698454228/humansecurity-hs/punch/assets/js/dist/ 20 KB
9 KB 89ms
78ms Script
application/javascript 104.18.89.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/63656499996/1698698454228/humansecurity-hs/punch/assets/js/dist/jquery.magnificpopup.min.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a123eebd3f1e4f9b4641216ddc8aee3dd0ecc035cc9d2f6ed7b92c979fccc326

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
age: 1943877
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"23546b2633cc3b557bb3a13ac0d1c719"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1698698454685
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: d117c4ea-09ae-4825-9156-158764a86ef8
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 250
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: d117c4ea-09ae-4825-9156-158764a86ef8
last-modified: Mon, 30 Oct 2023 20:40:55 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdvxrIzHmreaI8IsbQqkWu6q3aH23e5qFM9cFg3O5TpERAIrlln96l975jvyBfM3cLquMqbdQZIULn2SgCm%2BH65iOK9q92TjNxX%2BAsXbM9PvrfXBbNHvfMjpbyqg80DhLvI%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-qd96f
cf-ray: 8bb140056f0eac25-YYZ
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 lightbox-combo.min.js Show response
cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/115294898870/1698698465768/humansecurity-hs/punch/assets/js/dist/ 24 KB
10 KB 115ms
104ms Script
application/javascript 104.18.89.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/115294898870/1698698465768/humansecurity-hs/punch/assets/js/dist/lightbox-combo.min.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54922aed651f983596d7c4d47b075f10dfa004fffe6c60c15c59ecdc1856529f

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
age: 1790107
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"687a6f388e56976362f732fa3410027c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1698698466182
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: dc6a0cdb-bd75-43a4-a9f9-4fd2db7504a3
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 132
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: dc6a0cdb-bd75-43a4-a9f9-4fd2db7504a3
last-modified: Mon, 30 Oct 2023 20:41:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0dTFxbNIFXz7benrcp6KiDLdDnIfeGjle8MoyEYIrOlVT1BmGySxz0PYt9DiuX7T3KGfoFHKkE0CGBnpMEH2%2BzfZGEdodePqJ0BhPGTQ%2F9gRJ1CUyGLgEl8B6BMC4SrxpaQ%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-4f62g
cf-ray: 8bb140056f10ac25-YYZ
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 flickity-combo.min.js Show response
cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/63656625716/1698698450031/humansecurity-hs/punch/assets/js/dist/ 67 KB
19 KB 141ms
130ms Script
application/javascript 104.18.89.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3400937/hub_generated/template_assets/63656625716/1698698450031/humansecurity-hs/punch/assets/js/dist/flickity-combo.min.js
Requested by: Host: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d3b1eb7d0f0f9f6b02dc4d100a34d5ed61b9b22e284ef8b8fc16dee56cb0453

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
age: 131371
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"0b1204d9265290f1b3d4250e491d06dd"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1698698450553
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 30 Aug 2024 02:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 9f1ac9b8-dd69-495c-b5d8-0380d7cd9e61
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 228
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9f1ac9b8-dd69-495c-b5d8-0380d7cd9e61
last-modified: Mon, 30 Oct 2023 20:40:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWZ8M6sXI8Fy9ftT59jXWTzUnmVPTHyoc0zy82mw%2FgzeneGMjFkY3IGUm5fxDWb9ZCKGc73eeUUiaeA0%2FwtE2phencDJJUW%2F9zcNezSwJHJgY0%2BUAcMJCN8%2FvWD0wbLliNs%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 8bb140056f12ac25-YYZ
timing-allow-origin: cdn2.hubspot.net

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 50ms
47ms Image
image/gif 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=20d60e1303ace3bf5d3a031877ae81bd&svisitor=null&visitor=a3a76483-2d0b-4f9b-812a-547288f6708e&session=cf26f0d3-eaf6-436e-8e89-d892093feed5&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A25%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%225445%22%7D&isIframe=false&m=%7B%22description%22%3A%22HUMAN%27s%20Satori%20Threat%20Intelligence%20and%20Research%20team%20published%20an%20investigation%20into%20a%20domain%20cloaking%20operation%20named%20Camu%2C%20which%20provided%20a%20cashout%20mechanism%20for%20digital%20pirates.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&pageViewId=0cd7b308-c3f7-4939-879c-0872435d93d1&ipv6=2607%3A5300%3A60%3A7867%3A%3A13&v=1.1.23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Aug 2024 02:11:26 GMT

POST
H2 200 create Show response
st.fullcircleinsights.com/v1/visitors/ 1 KB
2 KB 448ms
447ms XHR
application/json 18.164.96.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://st.fullcircleinsights.com/v1/visitors/create

Requested by

Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=c05754bf-2b15-4935-b7c4-cf576218c528&domain=humansecurity.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-18.jfk50.r.cloudfront.net

Software

Resource Hash

31bcdccddfca7548459ba25d8e69f45cdbed125d56fb01f69ace5429dfc15c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

origin-fci: https://www.humansecurity.com
Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
js-version: 1.0.59
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-api-key: zCJpG9ai2q4CdEz1TtZtE8XZaM9NCVR329XSil6T
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Aug 2024 02:11:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c50e3f7de0b772d07240015272b1aff6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-amzn-trace-id: Root=1-66d12a4e-2af67c2f2b32ea25332abc43;Parent=07a5e5c417a57850;Sampled=0;lineage=1:7c392b7c:0
x-amzn-requestid: cf511c47-c79f-4e87-a7b7-8d50ee33990e
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.humansecurity.com
x-amz-apigw-id: dTOMVFrMvHcEQwA=
content-length: 1471
x-amz-cf-id: x3lb9sRUoCAXuIwXEoaHIkoWQ_FM7OdyowfOejHUn3osGp4ewYtsRw==

POST
H3 200 collector Show response
collector-pxxdhgmtcm.px-cloud.net/api/v2/ 32 B
49 B 80ms
78ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxdhgmtcm.px-cloud.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: fc28ecbc1ff8a7379cf4e592087ad5b1edddcbc566b1d6a341bed193c94d543a

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2024 02:11:25 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

OPTIONS
H2 200 create
st.fullcircleinsights.com/v1/visitors/ Frame 0
0 377ms
205ms Preflight
application/json 18.164.96.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visitors/create
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-18.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: js-version,origin-fci,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.humansecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.humansecurity.com
content-length: 1
content-type: application/json
date: Fri, 30 Aug 2024 02:11:26 GMT
via: 1.1 c50e3f7de0b772d07240015272b1aff6.cloudfront.net (CloudFront)
x-amz-apigw-id: dTOMTFONvHcENIA=
x-amz-cf-id: Pu84PDzP7-NS2D1U2RnulI0H-Zf7veIAkYfn-OwI5r8GLtzo6CaLsA==
x-amz-cf-pop: JFK50-P5
x-amzn-requestid: 41b139c8-ffea-44f3-87bf-eab7edf11e83
x-cache: Miss from cloudfront

GET config.json
cdn.acsbapp.com/config/humansecurity.com/ 0
0

OPTIONS queue
st.fullcircleinsights.com/v1/visits/ Frame 0
0

POST queue
st.fullcircleinsights.com/v1/visits/ 0
0

POST
H3 200 collector Show response
collector-pxf69i9fy8.px-cloud.net/api/v2/ 32 B
49 B 57ms
56ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxf69i9fy8.px-cloud.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXf69I9fY8/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: fc28ecbc1ff8a7379cf4e592087ad5b1edddcbc566b1d6a341bed193c94d543a

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2024 02:11:28 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.humansecurity.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 37ms
36ms Image
image/gif 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=20d60e1303ace3bf5d3a031877ae81bd&svisitor=null&visitor=a3a76483-2d0b-4f9b-812a-547288f6708e&session=cf26f0d3-eaf6-436e-8e89-d892093feed5&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A29%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A26%20GMT%22%2C%22timeSpent%22%3A%222951%22%2C%22totalTimeSpent%22%3A%228396%22%7D&isIframe=false&m=%7B%22description%22%3A%22HUMAN%27s%20Satori%20Threat%20Intelligence%20and%20Research%20team%20published%20an%20investigation%20into%20a%20domain%20cloaking%20operation%20named%20Camu%2C%20which%20provided%20a%20cashout%20mechanism%20for%20digital%20pirates.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&pageViewId=0cd7b308-c3f7-4939-879c-0872435d93d1&ipv6=2607%3A5300%3A60%3A7867%3A%3A13&v=1.1.23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Aug 2024 02:11:29 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 47ms
46ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-59DHKRCY6M&gtm=45je48s0v881684866z8830094232za200zb830094232&_p=1724983879747&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tag_exp=0&cid=1365157230.1724983881&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1724983881&sct=1&seg=0&dl=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&dt=Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content&en=6sense&ep.timestamp=2024-08-29T19%3A11%3A19.916-07%3A00&ep.company_name=&ep.country=Canada&ep.domain=&ep.employee_range=&ep.industry=&ep.region=&ep.revenue_range=&ep.segments=&_et=1505&tfd=9817
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXxDhGmtcm/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.humansecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 34ms
33ms Image
image/gif 23.34.59.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=20d60e1303ace3bf5d3a031877ae81bd&svisitor=null&visitor=a3a76483-2d0b-4f9b-812a-547288f6708e&session=cf26f0d3-eaf6-436e-8e89-d892093feed5&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2030%20Aug%202024%2002%3A11%3A29%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%229398%22%7D&isIframe=false&m=%7B%22description%22%3A%22HUMAN%27s%20Satori%20Threat%20Intelligence%20and%20Research%20team%20published%20an%20investigation%20into%20a%20domain%20cloaking%20operation%20named%20Camu%2C%20which%20provided%20a%20cashout%20mechanism%20for%20digital%20pirates.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Satori%20Threat%20Intelligence%20Alert%3A%20Camu%20cashes%20out%20ads%20on%20piracy%20content%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&pageViewId=0cd7b308-c3f7-4939-879c-0872435d93d1&ipv6=2607%3A5300%3A60%3A7867%3A%3A13&v=1.1.23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.33 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-33.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 02:11:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Aug 2024 02:11:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.humansecurity.com
URL: https://www.humansecurity.com/learn/blog/undefined

Domain: cdn.acsbapp.com
URL: https://cdn.acsbapp.com/config/humansecurity.com/config.json

Domain: st.fullcircleinsights.com
URL: https://st.fullcircleinsights.com/v1/visits/queue

Domain: st.fullcircleinsights.com
URL: https://st.fullcircleinsights.com/v1/visits/queue

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.humansecurity.com/	1970-01-20 23:09:45	Name: __cf_bm Value: kxqEM_bWJyI.XiZdRWlz_.p8z257qrql.cx9PjV1JW4-1724983879-1.0.1.1-tWYFLwfqPyGalrogm1k0HJ7_B1140arY32TtSD1Y8Z4RJtEWo1UGyYJgBMjQdRuUEnxikggUdojOFEUsnL1ukA
.www.humansecurity.com/	1969-12-31 23:59:59	Name: __cfruid Value: 1981f7ee1e2602395f262a517d75022f9ccacb2c-1724983879
.humansecurity.com/	1970-01-21 01:19:19	Name: _gcl_au Value: 1.1.2028744126.1724983880
.g2crowd.com/	1970-01-20 23:09:45	Name: __cf_bm Value: 3OcAHrviBPGXujoxJ.pD6r4yf9Xa8jXm6t_GmTkGClI-1724983880-1.0.1.1-TPniVoeUBE5WoCD4FCJ4Q_dcEy9g6Ai2Sze26ryqWntkmKRjDf.3GBGQqeTM6amkr_4CE.oadoonmqBUeWghwg
.humansecurity.com/	1970-01-20 23:11:10	Name: _gid Value: GA1.2.296677000.1724983881
.humansecurity.com/	1970-01-20 23:09:43	Name: _dc_gtm_UA-111948466-2 Value: 1
.humansecurity.com/	1970-01-20 23:09:43	Name: _gat_UA-111948466-3 Value: 1
.linkedin.com/	1970-01-20 23:11:10	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3336:u=1:x=1:i=1724983880:t=1725070280:v=2:sig=AQFZGiBrnT6tgMvMHpoYu2r3FZcG3LBT"
.linkedin.com/	1970-01-21 07:55:19	Name: bcookie Value: "v=2&a2869170-954e-45b4-8c60-3a770717ad77"
.linkedin.com/	1970-01-21 03:28:55	Name: li_gc Value: MTswOzE3MjQ5ODM4ODA7MjswMjHZKjLFqvpK/0fwjcLpCO7zWo+UP7hyMi0+7Ynji837Tg==
.doubleclick.net/	1970-01-21 08:45:43	Name: IDE Value: AHWqTUm0E_7khQkaCSyzv8p4XvBfKuvYvgRhWO4C9x3WQXblavXUd7HfbeSQdtKJ
.hubspot.com/	1970-01-20 23:09:45	Name: __cf_bm Value: 5TooT3xiXVRwErxe_PxZqHlMMUDzNYbzQqCeJnh9D3w-1724983881-1.0.1.1-h8OVFv6IwxeEqOGhF.KlBq5zfIPaI6Uptc_7vx5jynCh67ZU6X5GumMveN7RF3eqlLKY9SmBh1z3_.K0mybe0Q
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: xMQ50_t1OB867kHLMXpQVeNjXPGy96mJLKzED2vEv2o-1724983881115-0.0.1.1-604800000
www.humansecurity.com/	1970-01-20 23:19:48	Name: slireg Value: https://scout.us3.salesloft.com
.www.humansecurity.com/	1970-01-21 07:55:19	Name: _zitok Value: 9da3b0f92537af6f2c7e1724983880
.humansecurity.com/	1970-01-20 23:11:10	Name: _uetsid Value: 26724bb0667511ef93cda9e6d8f82e13
.humansecurity.com/	1970-01-21 08:31:19	Name: _uetvid Value: 267272d0667511efaad9cbd4f9933aae
.humansecurity.com/	1970-01-21 08:45:43	Name: _mkto_trk Value: id:001-VJX-104&token:_mch-humansecurity.com-1724983881446-11449
.bing.com/	1970-01-21 08:31:19	Name: MUID Value: 15F9527D56E06EBE2CBF4696576C6FF5
.bat.bing.com/	1970-01-20 23:19:48	Name: MR Value: 0
.humansecurity.com/	1970-01-21 07:55:19	Name: _hjSessionUser_3389720 Value: eyJpZCI6IjFlODdkMDdjLThlYTktNWVhOS04OGMyLTUxNzk4MzJlMDc4YyIsImNyZWF0ZWQiOjE3MjQ5ODM4ODE1NDksImV4aXN0aW5nIjp0cnVlfQ==
.zoominfo.com/	1970-01-20 23:09:45	Name: __cf_bm Value: 5OchSwOrVn3cpf6tueVRpxrmM_QLoYWerXzIQP0KU80-1724983881-1.0.1.1-yl5r8Y1mYp0.FKCANWSRktBXEPBirdmfTTN_cwF71PHCetp24ndfmG2MqnlN4bOG_o_vy6l7F1jZ6m2UkJxS8g
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: auPU7B1oBGBH1gYU8HnP8fAga9gKEJVVQ2XsmE5.y3U-1724983881565-0.0.1.1-604800000
.humansecurity.com/	1970-01-20 23:09:45	Name: _hjSession_3389720 Value: eyJpZCI6IjQ4NjQ0ODhiLTc0ZDktNDQ2ZS05ZTZkLWU1ZDQ1NjM1NjEyYyIsImMiOjE3MjQ5ODM4ODE1NTAsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.humansecurity.com/	1969-12-31 23:59:59	Name: pxcts Value: 267b216d-6675-11ef-97d9-f5c3dd46d593
.humansecurity.com/	1970-01-21 07:55:19	Name: _pxvid Value: 267b171b-6675-11ef-97d9-c9c205c9ac45
www.humansecurity.com/	1970-01-21 07:55:19	Name: sliguid Value: accf5d47-23bb-42a4-9869-8cc566b6621c
www.humansecurity.com/	1970-01-21 07:55:19	Name: slirequested Value: true
.humansecurity.com/	1970-01-21 08:45:43	Name: _ga_474QF6N3NS Value: GS1.2.1724983881.1.0.1724983881.0.0.0
www.humansecurity.com/	1970-01-21 07:55:19	Name: _pxvid Value: 26c3fbb4-6675-11ef-8b77-3002408f00da
www.humansecurity.com/	1970-01-21 08:45:43	Name: _gd_visitor Value: a3a76483-2d0b-4f9b-812a-547288f6708e
www.humansecurity.com/	1970-01-20 23:09:58	Name: _gd_session Value: cf26f0d3-eaf6-436e-8e89-d892093feed5
.www.humansecurity.com/	1970-01-21 07:55:19	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Aug+29+2024+19%3A11%3A22+GMT-0700+(Pacific+Daylight+Time)&version=202303.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.humansecurity.com%2Flearn%2Fblog%2Fsatori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content&groups=C0001%3A1%2CC0003%3A1%2CSPD_BG%3A1%2CC0004%3A1%2CC0002%3A1
.humansecurity.com/	1970-01-21 08:45:43	Name: _ga Value: GA1.2.1365157230.1724983881
.humansecurity.com/	1970-01-21 08:45:43	Name: _ga_59DHKRCY6M Value: GS1.1.1724983881.1.0.1724983882.59.0.0
.humansecurity.com/	1969-12-31 23:59:59	Name: _fcdscst Value: MTcyNDk4Mzg4NjA3Ng==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-camu-cashes-out-ads-on-piracy-content Message: Refused to apply style from 'https://www.humansecurity.com/learn/blog/undefined' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

001-vjx-104.mktoresp.com
acsbapp.com
analytics.google.com
app.hubspot.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.acsbapp.com
cdn.cookielaw.org
cdn2.hubspot.net
cdnjs.cloudflare.com
client.px-cloud.net
collector-pxf69i9fy8.px-cloud.net
collector-pxxdhgmtcm.px-cloud.net
connect.facebook.net
content.hotjar.io
d2i34c80a0ftze.cloudfront.net
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsleadflows.net
js.zi-scripts.com
munchkin.marketo.net
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.cdnsynd.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
snap.licdn.com
st.fullcircleinsights.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
td.doubleclick.net
track.hubspot.com
tracking.g2crowd.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.humansecurity.com
cdn.acsbapp.com
st.fullcircleinsights.com
www.humansecurity.com
104.16.117.43
104.16.118.43
104.17.24.14
104.18.37.212
104.18.89.62
108.138.106.49
13.107.42.14
13.248.142.121
142.250.64.68
142.250.65.162
142.250.81.232
142.250.81.238
142.251.40.227
157.240.241.1
18.164.96.18
18.164.96.87
192.28.147.68
199.60.103.227
2001:4860:4802:32::181
23.204.6.193
23.34.59.33
2600:141b:1c00:2e::17d1:48d1
2600:141b:1c00:30::1739:5a6a
2600:141b:1c00:6::17df:d149
2600:9000:28b2:f200:9:14eb:6280:93a1
2606:2800:21f:edfc:49f9:c096:a5a7:75f2
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:10::6816:1cc
2606:4700:4400::ac40:9310
2606:4700:4400::ac40:9b77
2606:4700::6810:4869
2606:4700::6810:7674
2606:4700::6811:ac5b
2606:4700::6811:afc9
2606:4700::6812:1eb0
2606:4700::6812:562a
2606:4700::6812:8d11
2607:f8b0:4004:c06::9b
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200e
2607:f8b0:4006:821::2003
2620:1ec:21::14
2620:1ec:33:3::10
34.229.104.150
34.249.205.38
35.190.10.96
52.73.117.16
02a711f90cf3fe3f3c91c838aa383dd9bc60d67b59e678328975e2193c1ce1d1
03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890
067536b3f91d4c08a72a02644605c37436afe7b1e60e0e251f298d5ccb082e49
0d3b1eb7d0f0f9f6b02dc4d100a34d5ed61b9b22e284ef8b8fc16dee56cb0453
12c370f85bda4027f79b47c3aaf3d3afe65b46c57e3085a4c7c2039c7c43f2ac
139123baa76429bd487c2db34db3ed482f58034192bef53870934e3fa5d40c41
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1892bc981117777e575dc1231631c473cc8b57fd0d023c5e883978d5256a85ae
1bb0e098f5a598b1a0dbd04775c38b0421251adda71dfc6cd7ae673e710da874
1cc56e5fc3be68bfe3398b740ea6292fb445def0bfa8ba3d41b377aee41bf6b7
1cfea949b0b2925d27b84d56d18f2ea1c6b948fdf3ae95c534a14706043da178
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d17bf625f9239f54a3960193a42a07053d7910ca7e755de801ff1a7de74d460
201b591d8778f953b5cde276d197d939dbc151d21e948d0e91d8869901f9eeb8
27d001801da9af0f66dfdc4b42a2a22ef3c91682ec36157d1e38c9c75e16bef6
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4
2fc92a4b6bcd0e8fdd8b4939e421646379410fc25266f0fb5f1abf07a843f93e
31bcdccddfca7548459ba25d8e69f45cdbed125d56fb01f69ace5429dfc15c7a
31bffb649cd812a3e720b1838c910fe359aef60c46ec91149d895dc23708768d
325ac9b250f1a971280097e15ae4420181519791a0b18ed9c46028ce6554f589
37fe7ca00c03c71ca015a5c1d197aa6b539d42f01e2848d2b61c2d7532b9ad87
42c7e51d284cd7256caf3bfebf641141876657ea0d6e5588ac7e69dce1e9cf7e
439042e0204db71db38bb4cbe130c3e520d35a14c2d9f65200308eaf1886eb64
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4470812cccafc2228171cad13cb84e3aa000b33a0f75110a081aba3f017c8d68
46043be637afe914e3a575c2921cd2904b2c4b59388128ed10625628402d46a6
4651c8713aee0c750d4cdd973975985e3642666f5a2c41f49a9f1a32b9608342
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
54922aed651f983596d7c4d47b075f10dfa004fffe6c60c15c59ecdc1856529f
54a00c1f0eaaeb0537a8297cda238d8d96c0441a708ebaba46e4f473ac94e689
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c782a3315b0801514925ec9113dbe28aed301b31bc2d5c592f71fe1f24b3e37
5ce047ebac8ba3b04f3341691999523778cc095072177b18b0d5757549eb48b9
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6141757da14af6dfc29aea988dd2e2203e0de0471dc48f2e95a5e5002c16891b
61954d242f58ebaa79974cbba81783116c46ea305be131be0fcd557a20be71f9
642575582c7ccf050a918b334a352c5297250940c12e5fd65c558e1f48e90372
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
671367c3c0e84517f31e61945cd9ba416f89eb653dbc3c4d1828518ef5c627e7
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f684971a6600c115bd3d3102c43a0b09ad5a1a3c45a818269445ba888ce8d58
76aabd5326d4b58f4ad0503d0abe73650b1920f7d4a6d2c28bf50accdd27a712
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
78142c1a0831423d3fee5308b442b24659445ac8d7c34b92bde6624cc012f4e8
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
81f2e0a9e0cbb9cfcb5d72f56f4eff056370ddd14104251fc7066a8f7d641828
8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87d049fc6d16da1f81063235c0e3d31a4656800cbbdca8277d6ae56614a52aba
88a955245e5e007bcd6faa68ebff9026e70a9abc08495ab6f32eb992017d90dc
88e7b0718f584603ca29ed368567c07f629f1012e0e4972c3fd95db2e339504d
8cacf0cf645c21d4537ec12d2f77794bce33f3b0090376a04bf8e4fd952f1513
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8dd47dcf0b5eed6cc6f55c516e3a4678c511b40b509b65a3f9ce4aade4eea41d
90b5415c9893465d50440ac444e50f05c0b5698540c0349b1a820330240b5faa
92cde36d24b66c5bb39231c290e47319cc207455557a1c4ddf0b1c584422db77
98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf
9cac5e10bd3d5631c178a838d415c28b126daca61e10e81e6dc36aa18919174f
9d9fbfd489416f7fa849b1ef7820d17a7c36a56faca1a0d612a6d61c5c9f08a7
a123eebd3f1e4f9b4641216ddc8aee3dd0ecc035cc9d2f6ed7b92c979fccc326
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a61f7c809275b59c33233e94832bbd5b16b6788fd67efa2e2fe83dbbe73cc172
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
adfc35d72ea1d0feaa677acecd2dafad7fdda56b02a76d7f51ad1bc067c2d499
afff892691aaab5f3a2c411cb09a2674006120f314eb8ac1fc6efb8c66a1c353
b0392294081a8113d3c077796594484f5354ebb23b518d3337738015bddb70aa
b17ad6eab5f71934277721a0558d12da27ef1c1d7688d3dc8e8440165902526b
b2f990787e3b1814304c78b2805480c18a8e4ad82605df538e395ec36577fb92
b6fafec42bd73c72f7999e88f1bc7d395f5386070ddbaff1413998fa07596537
b84398de46283985db9507da817ab6fd1c66687b7b9f6d1bf3e0de29bc2b3e28
c26663b888f586b079e5616b36f24f3b3294788e3775d3999b0f2e708c38d4ee
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
cd27193574494c7c28903f1088f7eba26bf7c29f814e711e006036e733ceef8d
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d4a42e8f77ed647b32311ffc6b611bdc77b6296726e51cfc958ac736c63a6654
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d651066ec06c641549632f4776b2cdbf638ca0786adf1c58f44a2728daed9b00
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd5e60442181c68a2711c4a407db551e51e0af167f16b86775ceb7e56679a045
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e08bbd8d11326289feff5496edc2ee3d0d7e905fe69ad7612a63dcd6bc6e8313
e0d54140c9e5b41f4f5f8fd5583a8ae657452e2bec968966ab70c26d5ae77719
e242f5ce40954ed63ef3d88dd1750f427d08cc5d3f746a7e1c580f691889a141
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407
e8567a8657bb656ce9c600fecf93ac4a652a8e6df953fdd1c740ec56d55583f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa303262b36a12c1c28503edc4d8852388482855d729b169c9bfb1b969adf45
f11383ad7d3c69ffb2045e9c60ddbe79a0e90e1e840d3cf1f8521e3c160ca110
fc28ecbc1ff8a7379cf4e592087ad5b1edddcbc566b1d6a341bed193c94d543a
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe20999e64ebf0bfd1a4957b60b0e79bf6b53759a955a92639d8fd2dadc9a45c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.humansecurity.com Open in urlscan Pro 199.60.103.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

144 Requests

95 %HTTPS

51 %IPv6

37 Domains

52 Subdomains

50 IPs

3 Countries

1969 kBTransfer

5988 kBSize

36 Cookies

15 Outgoing links

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.humansecurity.com Open in urlscan Pro
199.60.103.227 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

95 %
HTTPS

51 %
IPv6

37
Domains

52
Subdomains

50
IPs

3
Countries

1969 kB
Transfer

5988 kB
Size

36
Cookies

144 HTTP transactions
3 data transactions